GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
9,990 advisories
Moodle has an IDOR in messaging web service which allows access to some user details
Moderate
CVE-2025-3645
was published
for
moodle/moodle
(Composer)
Apr 25, 2025
Moodle has reflected Cross-site Scripting risk in policy tool
Moderate
CVE-2025-3643
was published
for
moodle/moodle
(Composer)
Apr 25, 2025
GraphQL Armor Cost-Limit Plugin Bypass via Introspection Query Obfuscation
Moderate
GHSA-733v-p3h5-qpq7
was published
for
@escape.tech/graphql-armor-cost-limit
(npm)
Apr 25, 2025
LLaMA-Factory Allows Arbitrary Code Execution via Unsafe Deserialization in Ilamafy_baichuan2.py
Moderate
CVE-2025-46567
was published
for
llamafactory
(pip)
Apr 23, 2025
pnpm uses the md5 path shortening function causes packet paths to coincide, which causes indirect packet overwriting
Moderate
CVE-2024-47829
was published
for
pnpm
(npm)
Apr 23, 2025
io.jmix.localfs:jmix-localfs affected by DoS in the Local File Storage
Moderate
CVE-2025-32952
was published
for
io.jmix.localfs:jmix-localfs
(Maven)
Apr 22, 2025
io.jmix.rest:jmix-rest allows XSS in the /files Endpoint of the Generic REST API
Moderate
CVE-2025-32951
was published
for
io.jmix.rest:jmix-rest
(Maven)
Apr 22, 2025
io.jmix.localfs:jmix-localfs has a Path Traversal in Local File Storage
Moderate
CVE-2025-32950
was published
for
io.jmix.localfs:jmix-localfs
(Maven)
Apr 22, 2025
ProTip!
Advisories are also available from the
GraphQL API