Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,356
Erlang
33
GitHub Actions
22
Go
2,121
Maven
5,000+
npm
3,783
NuGet
683
pip
3,465
Pub
12
RubyGems
893
Rust
892
Swift
38
Unreviewed advisories
All unreviewed
5,000+

781 advisories

Loading
PublicCMS v4.0 was discovered to contain a remote code execution (RCE) vulnerability via the... Critical Unreviewed
CVE-2022-23389 was published Feb 15, 2022
Apache Cassandra vulnerable to Code Injection due to unsafe configuration Critical
CVE-2021-44521 was published for org.apache.cassandra:cassandra-all (Maven) Feb 12, 2022
Remote code execution in Apache Struts Critical
CVE-2020-17530 was published for org.apache.struts:struts2-core (Maven) Feb 9, 2022
Prototype Pollution leading to Remote Code Execution in superjson Critical
CVE-2022-23631 was published for blitz (npm) Feb 9, 2022
paul-gerste-sonarsource
Remote code execution in Apache ActiveMQ Critical
CVE-2020-11998 was published for org.apache.activemq:activemq-parent (Maven) Feb 9, 2022
sunSUNQ
iCMS <= 8.0.0 allows users to add and render a comtom template, which has a SSTI vulnerability... Critical Unreviewed
CVE-2021-44978 was published Feb 9, 2022
Joplin Vulnerable to Code Injection Critical
CVE-2022-23340 was published for joplin (npm) Feb 9, 2022
Code injection in ShenYu Critical
CVE-2021-45029 was published for org.apache.shenyu:shenyu-common (Maven) Jan 28, 2022
Server Side Twig Template Injection Critical
CVE-2022-21686 was published for prestashop/prestashop (Composer) Jan 27, 2022
Brum3ns
Microsoft Exchange Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE... Critical Unreviewed
CVE-2022-21846 was published Jan 12, 2022
HHEE system has a Code Injection vulnerability.Successful exploitation of this vulnerability may... Critical Unreviewed
CVE-2021-39979 was published Jan 4, 2022
Code Injection in md-to-pdf. Critical
CVE-2021-23639 was published for md-to-pdf (npm) Dec 16, 2021
Microsoft Defender for IoT Remote Code Execution Vulnerability This CVE ID is unique from CVE... Critical Unreviewed
CVE-2021-42310 was published Dec 16, 2021
Microsoft Defender for IoT Remote Code Execution Vulnerability This CVE ID is unique from CVE... Critical Unreviewed
CVE-2021-42311 was published Dec 16, 2021
Web Media Extensions Remote Code Execution Vulnerability Critical Unreviewed
CVE-2021-43214 was published Dec 16, 2021
iSNS Server Memory Corruption Vulnerability Can Lead to Remote Code Execution Critical Unreviewed
CVE-2021-43215 was published Dec 16, 2021
Windows Encrypting File System (EFS) Remote Code Execution Vulnerability Critical Unreviewed
CVE-2021-43217 was published Dec 16, 2021
Bot Framework SDK Remote Code Execution Vulnerability Critical Unreviewed
CVE-2021-43225 was published Dec 16, 2021
Microsoft Defender for IoT Remote Code Execution Vulnerability This CVE ID is unique from CVE... Critical Unreviewed
CVE-2021-43882 was published Dec 16, 2021
Microsoft 4K Wireless Display Adapter Remote Code Execution Vulnerability Critical Unreviewed
CVE-2021-43899 was published Dec 16, 2021
Internally used text extraction reports allow an attacker to inject code that can be executed by... Critical Unreviewed
CVE-2021-44231 was published Dec 15, 2021
Code Injection in node-rules Critical
CVE-2020-7609 was published for node-rules (npm) Dec 10, 2021
Code Injection in total4 Critical
CVE-2021-23390 was published for total4 (npm) Dec 10, 2021
Code Injection in total.js Critical
CVE-2021-23389 was published for total.js (npm) Dec 10, 2021
A code injection vulnerability in the Ivanti EPM Cloud Services Appliance (CSA) allows an... Critical Unreviewed
CVE-2021-44529 was published Dec 9, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database