GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
111 advisories
Command Injection in sequenceserver
Critical
CVE-2024-42360
was published
for
sequenceserver
(RubyGems)
Aug 13, 2024
SAML authentication bypass via Incorrect XPath selector
Critical
CVE-2024-45409
was published
for
ruby-saml
(RubyGems)
Sep 10, 2024
omniauth-saml vulnerable to Improper Verification of Cryptographic Signature
Critical
GHSA-cvp8-5r8g-fhvq
was published
for
omniauth-saml
(RubyGems)
Sep 11, 2024
graphql allows remote code execution when loading a crafted GraphQL schema
Critical
CVE-2025-27407
was published
for
graphql
(RubyGems)
Mar 12, 2025
Ruby SAML allows a SAML authentication bypass due to DOCTYPE handling (parser differential)
Critical
CVE-2025-25291
was published
for
ruby-saml
(RubyGems)
Mar 12, 2025
Ruby SAML allows a SAML authentication bypass due to namespace handling (parser differential)
Critical
CVE-2025-25292
was published
for
ruby-saml
(RubyGems)
Mar 12, 2025
ProTip!
Advisories are also available from the
GraphQL API