GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,270
Erlang
31
GitHub Actions
21
Go
2,044
Maven
5,000+
npm
3,736
NuGet
663
pip
3,414
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
39 advisories
Filter by severity
Expression Language Injection vulnerability in Hitachi Tuning Manager on Windows, Linux, Solaris...
High
Unreviewed
CVE-2024-5828
was published
Aug 6, 2024
Spring Framework vulnerable to denial of service
High
CVE-2023-20863
was published
for
org.springframework:spring-expression
(Maven)
Apr 13, 2023
Expression Language Injection vulnerability in Hitachi Global Link Manager on Windows allows Code...
High
Unreviewed
CVE-2024-0715
was published
Feb 20, 2024
Remote Code Execution in SyliusResourceBundle
High
CVE-2020-15143
was published
for
sylius/resource-bundle
(Composer)
Aug 19, 2020
Apache MyFaces Vulnerable to EL Injection
High
CVE-2011-4343
was published
for
org.apache.myfaces.core:myfaces-core-module
(Maven)
May 17, 2022
Archive, check and export commands in Chef InSpec
prior to 4.56.58 and 5.22.29 allow local...
High
Unreviewed
CVE-2023-42658
was published
Oct 31, 2023
Apache Ambari Expression Language Injection vulnerability
High
CVE-2022-45855
was published
for
org.apache.ambari:ambari
(Maven)
Jul 12, 2023
Apache Jena Expression Language Injection vulnerability
High
CVE-2023-32200
was published
for
org.apache.jena:jena
(Maven)
Jul 12, 2023
Apache Ambari Expression Language Injection vulnerability
High
CVE-2022-42009
was published
for
org.apache.ambari:ambari
(Maven)
Jul 12, 2023
Improper Input Validation in GeoServer
High
CVE-2022-24847
was published
for
org.geoserver:gs-main
(Maven)
Apr 22, 2022
Remote Code Execution in SCIMono
High
CVE-2021-21479
was published
for
com.sap.scimono:scimono-server
(Maven)
Feb 10, 2021
Sonatype Nexus Repository Manager before 3.14 allows Java Expression Language Injection.
High
Unreviewed
CVE-2018-16621
was published
May 13, 2022
An issue was discovered in ZZZCMS zzzphp V1.6.1. In the inc/zzz_template.php file, the...
High
Unreviewed
CVE-2019-9041
was published
May 13, 2022
Eclipse Keti is a service that was designed to protect RESTfuls API using Attribute Based Access...
High
Unreviewed
CVE-2021-32834
was published
May 24, 2022
ObjectPlanet Opinio before 7.14 allows Expression Language Injection via the admin/permissionList...
High
Unreviewed
CVE-2020-26565
was published
May 24, 2022
A userselectpagingcontent expression language injection remote code execution vulnerability was...
High
Unreviewed
CVE-2020-7188
was published
May 24, 2022
A tvxlanlegend expression language injection remote code execution vulnerability was discovered...
High
Unreviewed
CVE-2020-7185
was published
May 24, 2022
A reportpage index expression language injection remote code execution vulnerability was...
High
Unreviewed
CVE-2020-7187
was published
May 24, 2022
A wmiconfigcontent expression language injection remote code execution vulnerability was...
High
Unreviewed
CVE-2020-7177
was published
May 24, 2022
A ictexpertdownload expression language injection remote code execution vulnerability was...
High
Unreviewed
CVE-2020-7180
was published
May 24, 2022
A smsrulesdownload expression language injection remote code execution vulnerability was...
High
Unreviewed
CVE-2020-7181
was published
May 24, 2022
A forwardredirect expression language injection remote code execution vulnerability was...
High
Unreviewed
CVE-2020-7183
was published
May 24, 2022
A mediaforaction expression language injection remote code execution vulnerability was discovered...
High
Unreviewed
CVE-2020-7178
was published
May 24, 2022
A devicethresholdconfig expression language injection remote code execution vulnerability was...
High
Unreviewed
CVE-2020-7192
was published
May 24, 2022
A devsoftsel expression language injection remote code execution vulnerability was discovered in...
High
Unreviewed
CVE-2020-7191
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API