GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
75 advisories
Filter by severity
IBM Cognos Analytics 11.2.0 through 11.2.4 FP4 and
12.0.0 through 12.0.4
is vulnerable to an...
Critical
Unreviewed
CVE-2024-51466
was published
Dec 20, 2024
A reflected cross-site scripting (XSS) vulnerability exists in PaperCut NG/MF. This issue can be...
Moderate
Unreviewed
CVE-2024-9672
was published
Dec 10, 2024
A vulnerability was found in DataGear up to 5.0.0. It has been declared as critical. Affected by...
Moderate
Unreviewed
CVE-2024-7552
was published
Aug 6, 2024
Expression Language Injection vulnerability in Hitachi Tuning Manager on Windows, Linux, Solaris...
High
Unreviewed
CVE-2024-5828
was published
Aug 6, 2024
Voltronic Power ViewPower Pro Expression Language Injection Remote Code Execution Vulnerability....
Critical
Unreviewed
CVE-2023-51593
was published
May 3, 2024
Expression Language Injection vulnerability in Hitachi Global Link Manager on Windows allows Code...
High
Unreviewed
CVE-2024-0715
was published
Feb 20, 2024
Archive, check and export commands in Chef InSpec
prior to 4.56.58 and 5.22.29 allow local...
High
Unreviewed
CVE-2023-42658
was published
Oct 31, 2023
Expression Language Injection vulnerability in Hitachi Replication Manager on Windows, Linux,...
Critical
Unreviewed
CVE-2022-4146
was published
Jul 18, 2023
Databasir v1.0.7 was discovered to contain a remote code execution (RCE) vulnerability via the...
Critical
Unreviewed
CVE-2023-27821
was published
Mar 28, 2023
Liima before 1.17.28 allows server-side template injection.
Critical
Unreviewed
CVE-2023-26092
was published
Feb 20, 2023
A vulnerability has been identified in Mendix Applications using Mendix 9 (All versions >= V9.11 ...
Moderate
Unreviewed
CVE-2022-34466
was published
Jul 13, 2022
Eclipse Keti is a service that was designed to protect RESTfuls API using Attribute Based Access...
High
Unreviewed
CVE-2021-32834
was published
May 24, 2022
ObjectPlanet Opinio before 7.14 allows Expression Language Injection via the admin/permissionList...
High
Unreviewed
CVE-2020-26565
was published
May 24, 2022
A iccselectrules expression language injection remote code execution vulnerability was discovered...
High
Unreviewed
CVE-2020-7195
was published
May 24, 2022
A perfaddormoddevicemonitor expression language injection remote code execution vulnerability was...
High
Unreviewed
CVE-2020-7194
was published
May 24, 2022
A ictexpertcsvdownload expression language injection remote code execution vulnerability was...
High
Unreviewed
CVE-2020-7193
was published
May 24, 2022
A deviceselect expression language injection remote code execution vulnerability was discovered...
High
Unreviewed
CVE-2020-7190
was published
May 24, 2022
A viewbatchtaskresultdetailfact expression language injection remote code execution vulnerability...
High
Unreviewed
CVE-2020-7184
was published
May 24, 2022
A tvxlanlegend expression language injection remote code execution vulnerability was discovered...
High
Unreviewed
CVE-2020-7185
was published
May 24, 2022
A devsoftsel expression language injection remote code execution vulnerability was discovered in...
High
Unreviewed
CVE-2020-7191
was published
May 24, 2022
A faultflasheventselectfact expression language injectionremote code execution vulnerability was...
High
Unreviewed
CVE-2020-7189
was published
May 24, 2022
A reportpage index expression language injection remote code execution vulnerability was...
High
Unreviewed
CVE-2020-7187
was published
May 24, 2022
A powershellconfigcontent expression language injection remote code execution vulnerability was...
High
Unreviewed
CVE-2020-7186
was published
May 24, 2022
A devicethresholdconfig expression language injection remote code execution vulnerability was...
High
Unreviewed
CVE-2020-7192
was published
May 24, 2022
A userselectpagingcontent expression language injection remote code execution vulnerability was...
High
Unreviewed
CVE-2020-7188
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API