GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
12 advisories
QOS.CH logback-core Expression Language Injection vulnerability
Moderate | CVE-2024-12798 was published for ch.qos.logback:logback-core (Maven) | Dec 19, 2024

A reflected cross-site scripting (XSS) vulnerability exists in PaperCut NG/MF. This issue can be...
Moderate | Unreviewed | CVE-2024-9672 was published | Dec 10, 2024

A vulnerability was found in DataGear up to 5.0.0. It has been declared as critical. Affected by...
Moderate | Unreviewed | CVE-2024-7552 was published | Aug 6, 2024

Arbitrary javascript injection in Apache Jena
Moderate | CVE-2023-22665 was published for org.apache.jena:jena (Maven) | Apr 25, 2023

Spring Framework vulnerable to denial of service via specially crafted SpEL expression
Moderate | CVE-2023-20861 was published for org.springframework:spring-expression (Maven) | Mar 23, 2023

TYPO3 CMS vulnerable to Sensitive Information Disclosure via YAML Placeholder Expressions in Site Configuration
Moderate | CVE-2022-23504 was published for typo3/cms (Composer) | Dec 13, 2022

A vulnerability has been identified in Mendix Applications using Mendix 9 (All versions >= V9.11 ...
Moderate | Unreviewed | CVE-2022-34466 was published | Jul 13, 2022

VMware Cloud Director 10.0.x before 10.0.0.2, 9.7.0.x before 9.7.0.5, 9.5.0.x before 9.5.0.6, and...
Moderate | Unreviewed | CVE-2020-3956 was published | May 24, 2022

An issue was discovered in QlikView Server before 11.20 SR19, 12.00 and 12.10 before 12.10 SR11,...
Moderate | Unreviewed | CVE-2019-11628 was published | May 24, 2022

JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat...
Moderate | Unreviewed | CVE-2010-1871 was published | May 17, 2022

Apache Tiles Vulnerable to XSS via EL Expression Injection
Moderate | CVE-2009-1275 was published for org.apache.tiles:tiles-core (Maven) | May 2, 2022

Improper Input Validation in Jakarta Expression Language
Moderate | CVE-2021-28170 was published for com.sun.el:el-ri (Maven) | Oct 6, 2021