Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,270
Erlang
31
GitHub Actions
21
Go
2,044
Maven
5,000+
npm
3,736
NuGet
663
pip
3,414
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

74 advisories

Loading
An issue was discovered in ZZZCMS zzzphp V1.6.1. In the inc/zzz_template.php file, the... High Unreviewed
CVE-2019-9041 was published May 13, 2022
Sonatype Nexus Repository Manager before 3.14 allows Java Expression Language Injection. High Unreviewed
CVE-2018-16621 was published May 13, 2022
Input validation issue in POWER EGG(Ver 2.0.1, Ver 2.02 Patch 3 and earlier, Ver 2.1 Patch 4 and... Critical Unreviewed
CVE-2019-5916 was published May 13, 2022
JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat... Moderate Unreviewed
CVE-2010-1871 was published May 17, 2022
An issue was discovered in QlikView Server before 11.20 SR19, 12.00 and 12.10 before 12.10 SR11,... Moderate Unreviewed
CVE-2019-11628 was published May 24, 2022
VMware Cloud Director 10.0.x before 10.0.0.2, 9.7.0.x before 9.7.0.5, 9.5.0.x before 9.5.0.6, and... Moderate Unreviewed
CVE-2020-3956 was published May 24, 2022
A syslogtempletselectwin expression language injection remote code execution vulnerability was... Critical Unreviewed
CVE-2020-24651 was published May 24, 2022
A legend expression language injection remote code execution vulnerability was discovered in HPE... Critical Unreviewed
CVE-2020-24650 was published May 24, 2022
A addvsiinterfaceinfo expression language injection remote code execution vulnerability was... Critical Unreviewed
CVE-2020-24652 was published May 24, 2022
A adddevicetoview expression language injection remote code execution vulnerability was... Critical Unreviewed
CVE-2020-7141 was published May 24, 2022
A deployselectsoftware expression language injection remote code execution vulnerability was... Critical Unreviewed
CVE-2020-7148 was published May 24, 2022
A ictexpertcsvdownload expression language injection remote code execution vulnerability was... Critical Unreviewed
CVE-2020-7149 was published May 24, 2022
A eventinfo_content expression language injection remote code execution vulnerability was... Critical Unreviewed
CVE-2020-7142 was published May 24, 2022
A deployselectbootrom expression language injection remote code execution vulnerability was... Critical Unreviewed
CVE-2020-7147 was published May 24, 2022
A devgroupselect expression language injection remote code execution vulnerability was discovered... Critical Unreviewed
CVE-2020-7146 was published May 24, 2022
A comparefilesresult expression language injection remote code execution vulnerability was... Critical Unreviewed
CVE-2020-7144 was published May 24, 2022
A faultdevparasset expression language injection remote code execution vulnerability was... Critical Unreviewed
CVE-2020-7143 was published May 24, 2022
A chooseperfview expression language injection remote code execution vulnerability was discovered... Critical Unreviewed
CVE-2020-7145 was published May 24, 2022
A selviewnavcontent expression language injection remote code execution vulnerability was... Critical Unreviewed
CVE-2020-7157 was published May 24, 2022
A select expression language injection remote code execution vulnerability was discovered in HPE... Critical Unreviewed
CVE-2020-7155 was published May 24, 2022
A iccselectdeviceseries expression language injection remote code execution vulnerability was... Critical Unreviewed
CVE-2020-7160 was published May 24, 2022
A iccselectdevtype expression language injection remote code execution vulnerability was... Critical Unreviewed
CVE-2020-7153 was published May 24, 2022
A faulttrapgroupselect expression language injection remote code execution vulnerability was... Critical Unreviewed
CVE-2020-7151 was published May 24, 2022
A faultstatchoosefaulttype expression language injection remote code execution vulnerability was... Critical Unreviewed
CVE-2020-7150 was published May 24, 2022
A ifviewselectpage expression language injection remote code execution vulnerability was... Critical Unreviewed
CVE-2020-7154 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database