GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
52 advisories
Filter by severity
IBM Cognos Analytics 11.2.0 through 11.2.4 FP4 and
12.0.0 through 12.0.4
is vulnerable to an...
Critical
Unreviewed
CVE-2024-51466
was published
Dec 20, 2024
Voltronic Power ViewPower Pro Expression Language Injection Remote Code Execution Vulnerability....
Critical
Unreviewed
CVE-2023-51593
was published
May 3, 2024
Expression Language Injection vulnerability in Hitachi Replication Manager on Windows, Linux,...
Critical
Unreviewed
CVE-2022-4146
was published
Jul 18, 2023
Databasir v1.0.7 was discovered to contain a remote code execution (RCE) vulnerability via the...
Critical
Unreviewed
CVE-2023-27821
was published
Mar 28, 2023
Liima before 1.17.28 allows server-side template injection.
Critical
Unreviewed
CVE-2023-26092
was published
Feb 20, 2023
Nepxion Discovery vulnerable to SpEL Injection leading to Remote Code Execution
Critical
CVE-2022-23463
was published
for
com.nepxion:discovery
(Maven)
Sep 25, 2022
SpEL Injection in Spring Data MongoDB
Critical
CVE-2022-22980
was published
for
org.springframework.data:spring-data-mongodb
(Maven)
Jun 24, 2022
A select expression language injection remote code execution vulnerability was discovered in HPE...
Critical
Unreviewed
CVE-2020-7170
was published
May 24, 2022
A quicktemplateselect expression language injection remote code execution vulnerability was...
Critical
Unreviewed
CVE-2020-7167
was published
May 24, 2022
A selectusergroup expression language injection remote code execution vulnerability was...
Critical
Unreviewed
CVE-2020-7168
was published
May 24, 2022
A faultparasset expression language injection remote code execution vulnerability was discovered...
Critical
Unreviewed
CVE-2020-7152
was published
May 24, 2022
A operationselect expression language injection remote code execution vulnerability was...
Critical
Unreviewed
CVE-2020-7164
was published
May 24, 2022
A navigationto expression language injection remote code execution vulnerability was discovered...
Critical
Unreviewed
CVE-2020-7163
was published
May 24, 2022
A ictexpertcsvdownload expression language injection remote code execution vulnerability was...
Critical
Unreviewed
CVE-2020-7169
was published
May 24, 2022
A perfselecttask expression language injection remote code execution vulnerability was discovered...
Critical
Unreviewed
CVE-2020-7158
was published
May 24, 2022
A customtemplateselect expression language injection remote code execution vulnerability was...
Critical
Unreviewed
CVE-2020-7159
was published
May 24, 2022
A iccselectcommand expression language injection remote code execution vulnerability was...
Critical
Unreviewed
CVE-2020-7165
was published
May 24, 2022
A operatorgroupselectcontent expression language injection remote code execution vulnerability...
Critical
Unreviewed
CVE-2020-7162
was published
May 24, 2022
A operatorgrouptreeselectcontent expression language injection remote code execution...
Critical
Unreviewed
CVE-2020-7166
was published
May 24, 2022
A reporttaskselect expression language injection remote code execution vulnerability was...
Critical
Unreviewed
CVE-2020-7161
was published
May 24, 2022
A selviewnavcontent expression language injection remote code execution vulnerability was...
Critical
Unreviewed
CVE-2020-7157
was published
May 24, 2022
A select expression language injection remote code execution vulnerability was discovered in HPE...
Critical
Unreviewed
CVE-2020-7155
was published
May 24, 2022
A faulttrapgroupselect expression language injection remote code execution vulnerability was...
Critical
Unreviewed
CVE-2020-7151
was published
May 24, 2022
A faultstatchoosefaulttype expression language injection remote code execution vulnerability was...
Critical
Unreviewed
CVE-2020-7150
was published
May 24, 2022
A ifviewselectpage expression language injection remote code execution vulnerability was...
Critical
Unreviewed
CVE-2020-7154
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API