GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,909
Composer 4,270
Erlang 31
GitHub Actions 21
Go 2,044
Maven 5,228
npm 3,736
NuGet 663
pip 3,414
Pub 12
RubyGems 891
Rust 868
Swift 36

Unreviewed advisories

All unreviewed 238,236

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

74 advisories

Filter by severity

Sort by

Least recently updated

A reflected cross-site scripting (XSS) vulnerability exists in PaperCut NG/MF. This issue can be... Moderate Unreviewed

CVE-2024-9672 was published Dec 10, 2024

A vulnerability was found in DataGear up to 5.0.0. It has been declared as critical. Affected by... Moderate Unreviewed

CVE-2024-7552 was published Aug 6, 2024

Expression Language Injection vulnerability in Hitachi Tuning Manager on Windows, Linux, Solaris... High Unreviewed

CVE-2024-5828 was published Aug 6, 2024

JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat... Moderate Unreviewed

CVE-2010-1871 was published May 17, 2022

Voltronic Power ViewPower Pro Expression Language Injection Remote Code Execution Vulnerability.... Critical Unreviewed

CVE-2023-51593 was published May 3, 2024

Expression Language Injection vulnerability in Hitachi Replication Manager on Windows, Linux,... Critical Unreviewed

CVE-2022-4146 was published Jul 18, 2023

An issue was discovered in QlikView Server before 11.20 SR19, 12.00 and 12.10 before 12.10 SR11,... Moderate Unreviewed

CVE-2019-11628 was published May 24, 2022

Expression Language Injection vulnerability in Hitachi Global Link Manager on Windows allows Code... High Unreviewed

CVE-2024-0715 was published Feb 20, 2024

Archive, check and export commands in Chef InSpec prior to 4.56.58 and 5.22.29 allow local... High Unreviewed

CVE-2023-42658 was published Oct 31, 2023

A vulnerability has been identified in Mendix Applications using Mendix 9 (All versions >= V9.11 ... Moderate Unreviewed

CVE-2022-34466 was published Jul 13, 2022

Databasir v1.0.7 was discovered to contain a remote code execution (RCE) vulnerability via the... Critical Unreviewed

CVE-2023-27821 was published Mar 28, 2023

Liima before 1.17.28 allows server-side template injection. Critical Unreviewed

CVE-2023-26092 was published Feb 20, 2023

Input validation issue in POWER EGG(Ver 2.0.1, Ver 2.02 Patch 3 and earlier, Ver 2.1 Patch 4 and... Critical Unreviewed

CVE-2019-5916 was published May 13, 2022

Sonatype Nexus Repository Manager before 3.14 allows Java Expression Language Injection. High Unreviewed

CVE-2018-16621 was published May 13, 2022

An issue was discovered in ZZZCMS zzzphp V1.6.1. In the inc/zzz_template.php file, the... High Unreviewed

CVE-2019-9041 was published May 13, 2022

Eclipse Keti is a service that was designed to protect RESTfuls API using Attribute Based Access... High Unreviewed

CVE-2021-32834 was published May 24, 2022

ObjectPlanet Opinio before 7.14 allows Expression Language Injection via the admin/permissionList... High Unreviewed

CVE-2020-26565 was published May 24, 2022

A userselectpagingcontent expression language injection remote code execution vulnerability was... High Unreviewed

CVE-2020-7188 was published May 24, 2022

A tvxlanlegend expression language injection remote code execution vulnerability was discovered... High Unreviewed

CVE-2020-7185 was published May 24, 2022

A reportpage index expression language injection remote code execution vulnerability was... High Unreviewed

CVE-2020-7187 was published May 24, 2022

A select expression language injection remote code execution vulnerability was discovered in HPE... Critical Unreviewed

CVE-2020-7155 was published May 24, 2022

A wmiconfigcontent expression language injection remote code execution vulnerability was... High Unreviewed

CVE-2020-7177 was published May 24, 2022

A ictexpertdownload expression language injection remote code execution vulnerability was... High Unreviewed

CVE-2020-7180 was published May 24, 2022

A smsrulesdownload expression language injection remote code execution vulnerability was... High Unreviewed

CVE-2020-7181 was published May 24, 2022

A operatorgroupselectcontent expression language injection remote code execution vulnerability... Critical Unreviewed

CVE-2020-7162 was published May 24, 2022

Previous 1 2 3 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

74 advisories