GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
921 advisories
Action Pack contains database-query restrictions bypass
Moderate
CVE-2012-2660
was published
for
actionpack
(RubyGems)
Oct 24, 2017
actionpack allows remote attackers to bypass database-query restrictions, perform NULL checks via crafted request
Moderate
CVE-2012-2694
was published
for
actionpack
(RubyGems)
Oct 24, 2017
activerecord vulnerable to SQL Injection
High
CVE-2012-2695
was published
for
activerecord
(RubyGems)
Oct 24, 2017
Rails activerecord gem has Improper Input Validation vulnerability
Moderate
CVE-2010-3933
was published
for
activerecord
(RubyGems)
Oct 24, 2017
Improper Input Validation in actionpack
Moderate
CVE-2008-7248
was published
for
actionpack
(RubyGems)
Oct 24, 2017
rails Cross-site Scripting vulnerability
Moderate
CVE-2011-2197
was published
for
actionpack
(RubyGems)
Oct 24, 2017
actionpack Cross-Site Request Forgery vulnerability
Moderate
CVE-2011-0447
was published
for
actionpack
(RubyGems)
Oct 24, 2017
Rails ActiveRecord gem vulnerable to SQL injection
High
CVE-2008-4094
was published
for
activerecord
(RubyGems)
Oct 24, 2017
Cross-site Scripting vulnerability in i18n translations helper method
Moderate
CVE-2011-4319
was published
for
actionpack
(RubyGems)
Oct 24, 2017
RuboCop gem Insecure use of /tmp
Low
CVE-2017-8418
was published
for
rubocop
(RubyGems)
Nov 15, 2017
yajl-ruby gem Denial of Service vulnerability
High
CVE-2017-16516
was published
for
yajl-ruby
(RubyGems)
Nov 28, 2017
ProTip!
Advisories are also available from the
GraphQL API