GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
39 advisories
Filter by severity
IBM Cognos Analytics 11.2.0 through 11.2.4 FP4 and
12.0.0 through 12.0.4
is vulnerable to an...
Critical
Unreviewed
CVE-2024-51466
was published
Dec 20, 2024
Voltronic Power ViewPower Pro Expression Language Injection Remote Code Execution Vulnerability....
Critical
Unreviewed
CVE-2023-51593
was published
May 3, 2024
Expression Language Injection vulnerability in Hitachi Replication Manager on Windows, Linux,...
Critical
Unreviewed
CVE-2022-4146
was published
Jul 18, 2023
Databasir v1.0.7 was discovered to contain a remote code execution (RCE) vulnerability via the...
Critical
Unreviewed
CVE-2023-27821
was published
Mar 28, 2023
Liima before 1.17.28 allows server-side template injection.
Critical
Unreviewed
CVE-2023-26092
was published
Feb 20, 2023
Input validation issue in POWER EGG(Ver 2.0.1, Ver 2.02 Patch 3 and earlier, Ver 2.1 Patch 4 and...
Critical
Unreviewed
CVE-2019-5916
was published
May 13, 2022
A devgroupselect expression language injection remote code execution vulnerability was discovered...
Critical
Unreviewed
CVE-2020-7146
was published
May 24, 2022
A operatorgroupselectcontent expression language injection remote code execution vulnerability...
Critical
Unreviewed
CVE-2020-7162
was published
May 24, 2022
A syslogtempletselectwin expression language injection remote code execution vulnerability was...
Critical
Unreviewed
CVE-2020-24651
was published
May 24, 2022
A addvsiinterfaceinfo expression language injection remote code execution vulnerability was...
Critical
Unreviewed
CVE-2020-24652
was published
May 24, 2022
A adddevicetoview expression language injection remote code execution vulnerability was...
Critical
Unreviewed
CVE-2020-7141
was published
May 24, 2022
A operationselect expression language injection remote code execution vulnerability was...
Critical
Unreviewed
CVE-2020-7164
was published
May 24, 2022
A ifviewselectpage expression language injection remote code execution vulnerability was...
Critical
Unreviewed
CVE-2020-7154
was published
May 24, 2022
A select expression language injection remote code execution vulnerability was discovered in HPE...
Critical
Unreviewed
CVE-2020-7155
was published
May 24, 2022
A navigationto expression language injection remote code execution vulnerability was discovered...
Critical
Unreviewed
CVE-2020-7163
was published
May 24, 2022
A ictexpertcsvdownload expression language injection remote code execution vulnerability was...
Critical
Unreviewed
CVE-2020-7169
was published
May 24, 2022
A reporttaskselect expression language injection remote code execution vulnerability was...
Critical
Unreviewed
CVE-2020-7161
was published
May 24, 2022
A iccselectdeviceseries expression language injection remote code execution vulnerability was...
Critical
Unreviewed
CVE-2020-7160
was published
May 24, 2022
A iccselectdevtype expression language injection remote code execution vulnerability was...
Critical
Unreviewed
CVE-2020-7153
was published
May 24, 2022
A eventinfo_content expression language injection remote code execution vulnerability was...
Critical
Unreviewed
CVE-2020-7142
was published
May 24, 2022
A deployselectbootrom expression language injection remote code execution vulnerability was...
Critical
Unreviewed
CVE-2020-7147
was published
May 24, 2022
A legend expression language injection remote code execution vulnerability was discovered in HPE...
Critical
Unreviewed
CVE-2020-24650
was published
May 24, 2022
A faultstatchoosefaulttype expression language injection remote code execution vulnerability was...
Critical
Unreviewed
CVE-2020-7150
was published
May 24, 2022
A selviewnavcontent expression language injection remote code execution vulnerability was...
Critical
Unreviewed
CVE-2020-7157
was published
May 24, 2022
A customtemplateselect expression language injection remote code execution vulnerability was...
Critical
Unreviewed
CVE-2020-7159
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API