GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
75 advisories
An issue was discovered in ZZZCMS zzzphp V1.6.1. In the inc/zzz_template.php file, the...
High | Unreviewed | CVE-2019-9041 was published May 13, 2022

Sonatype Nexus Repository Manager before 3.14 allows Java Expression Language Injection.
High | Unreviewed | CVE-2018-16621 was published May 13, 2022

Input validation issue in POWER EGG(Ver 2.0.1, Ver 2.02 Patch 3 and earlier, Ver 2.1 Patch 4 and...
Critical | Unreviewed | CVE-2019-5916 was published May 13, 2022

JBoss Seam 2 (jboss-seam2), as used in JBoss Enterprise Application Platform 4.3.0 for Red Hat...
Moderate | Unreviewed | CVE-2010-1871 was published May 17, 2022

An issue was discovered in QlikView Server before 11.20 SR19, 12.00 and 12.10 before 12.10 SR11,...
Moderate | Unreviewed | CVE-2019-11628 was published May 24, 2022

VMware Cloud Director 10.0.x before 10.0.0.2, 9.7.0.x before 9.7.0.5, 9.5.0.x before 9.5.0.6, and...
Moderate | Unreviewed | CVE-2020-3956 was published May 24, 2022

A legend expression language injection remote code execution vulnerability was discovered in HPE...
Critical | Unreviewed | CVE-2020-24650 was published May 24, 2022

A addvsiinterfaceinfo expression language injection remote code execution vulnerability was...
Critical | Unreviewed | CVE-2020-24652 was published May 24, 2022

A adddevicetoview expression language injection remote code execution vulnerability was...
Critical | Unreviewed | CVE-2020-7141 was published May 24, 2022

A syslogtempletselectwin expression language injection remote code execution vulnerability was...
Critical | Unreviewed | CVE-2020-24651 was published May 24, 2022

A deployselectsoftware expression language injection remote code execution vulnerability was...
Critical | Unreviewed | CVE-2020-7148 was published May 24, 2022

A devgroupselect expression language injection remote code execution vulnerability was discovered...
Critical | Unreviewed | CVE-2020-7146 was published May 24, 2022

A comparefilesresult expression language injection remote code execution vulnerability was...
Critical | Unreviewed | CVE-2020-7144 was published May 24, 2022

A faultdevparasset expression language injection remote code execution vulnerability was...
Critical | Unreviewed | CVE-2020-7143 was published May 24, 2022

A chooseperfview expression language injection remote code execution vulnerability was discovered...
Critical | Unreviewed | CVE-2020-7145 was published May 24, 2022

A ictexpertcsvdownload expression language injection remote code execution vulnerability was...
Critical | Unreviewed | CVE-2020-7149 was published May 24, 2022

A eventinfo_content expression language injection remote code execution vulnerability was...
Critical | Unreviewed | CVE-2020-7142 was published May 24, 2022

A deployselectbootrom expression language injection remote code execution vulnerability was...
Critical | Unreviewed | CVE-2020-7147 was published May 24, 2022

A selviewnavcontent expression language injection remote code execution vulnerability was...
Critical | Unreviewed | CVE-2020-7157 was published May 24, 2022

A select expression language injection remote code execution vulnerability was discovered in HPE...
Critical | Unreviewed | CVE-2020-7155 was published May 24, 2022

A faulttrapgroupselect expression language injection remote code execution vulnerability was...
Critical | Unreviewed | CVE-2020-7151 was published May 24, 2022

A faultstatchoosefaulttype expression language injection remote code execution vulnerability was...
Critical | Unreviewed | CVE-2020-7150 was published May 24, 2022

A ifviewselectpage expression language injection remote code execution vulnerability was...
Critical | Unreviewed | CVE-2020-7154 was published May 24, 2022

A faultinfo_content expression language injection remote code execution vulnerability was...
Critical | Unreviewed | CVE-2020-7156 was published May 24, 2022

A iccselectdeviceseries expression language injection remote code execution vulnerability was...
Critical | Unreviewed | CVE-2020-7160 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.