Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

39 advisories

Loading
IBM Cognos Analytics 11.2.0 through 11.2.4 FP4 and 12.0.0 through 12.0.4 is vulnerable to an... Critical Unreviewed
CVE-2024-51466 was published Dec 20, 2024
Voltronic Power ViewPower Pro Expression Language Injection Remote Code Execution Vulnerability.... Critical Unreviewed
CVE-2023-51593 was published May 3, 2024
Expression Language Injection vulnerability in Hitachi Replication Manager on Windows, Linux,... Critical Unreviewed
CVE-2022-4146 was published Jul 18, 2023
Databasir v1.0.7 was discovered to contain a remote code execution (RCE) vulnerability via the... Critical Unreviewed
CVE-2023-27821 was published Mar 28, 2023
Liima before 1.17.28 allows server-side template injection. Critical Unreviewed
CVE-2023-26092 was published Feb 20, 2023
Input validation issue in POWER EGG(Ver 2.0.1, Ver 2.02 Patch 3 and earlier, Ver 2.1 Patch 4 and... Critical Unreviewed
CVE-2019-5916 was published May 13, 2022
A addvsiinterfaceinfo expression language injection remote code execution vulnerability was... Critical Unreviewed
CVE-2020-24652 was published May 24, 2022
A adddevicetoview expression language injection remote code execution vulnerability was... Critical Unreviewed
CVE-2020-7141 was published May 24, 2022
A operationselect expression language injection remote code execution vulnerability was... Critical Unreviewed
CVE-2020-7164 was published May 24, 2022
A devgroupselect expression language injection remote code execution vulnerability was discovered... Critical Unreviewed
CVE-2020-7146 was published May 24, 2022
A select expression language injection remote code execution vulnerability was discovered in HPE... Critical Unreviewed
CVE-2020-7155 was published May 24, 2022
A ifviewselectpage expression language injection remote code execution vulnerability was... Critical Unreviewed
CVE-2020-7154 was published May 24, 2022
A operatorgroupselectcontent expression language injection remote code execution vulnerability... Critical Unreviewed
CVE-2020-7162 was published May 24, 2022
A syslogtempletselectwin expression language injection remote code execution vulnerability was... Critical Unreviewed
CVE-2020-24651 was published May 24, 2022
A navigationto expression language injection remote code execution vulnerability was discovered... Critical Unreviewed
CVE-2020-7163 was published May 24, 2022
A ictexpertcsvdownload expression language injection remote code execution vulnerability was... Critical Unreviewed
CVE-2020-7169 was published May 24, 2022
A reporttaskselect expression language injection remote code execution vulnerability was... Critical Unreviewed
CVE-2020-7161 was published May 24, 2022
A legend expression language injection remote code execution vulnerability was discovered in HPE... Critical Unreviewed
CVE-2020-24650 was published May 24, 2022
A deployselectsoftware expression language injection remote code execution vulnerability was... Critical Unreviewed
CVE-2020-7148 was published May 24, 2022
A selviewnavcontent expression language injection remote code execution vulnerability was... Critical Unreviewed
CVE-2020-7157 was published May 24, 2022
A customtemplateselect expression language injection remote code execution vulnerability was... Critical Unreviewed
CVE-2020-7159 was published May 24, 2022
A faultstatchoosefaulttype expression language injection remote code execution vulnerability was... Critical Unreviewed
CVE-2020-7150 was published May 24, 2022
A iccselectdeviceseries expression language injection remote code execution vulnerability was... Critical Unreviewed
CVE-2020-7160 was published May 24, 2022
A iccselectdevtype expression language injection remote code execution vulnerability was... Critical Unreviewed
CVE-2020-7153 was published May 24, 2022
A eventinfo_content expression language injection remote code execution vulnerability was... Critical Unreviewed
CVE-2020-7142 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database