Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,826
Erlang
36
GitHub Actions
32
Go
2,426
Maven
5,000+
npm
4,058
NuGet
723
pip
3,848
Pub
12
RubyGems
934
Rust
1,006
Swift
38
Unreviewed advisories
All unreviewed
5,000+

948 advisories

Loading
Server Side Twig Template Injection Critical
CVE-2022-21686 was published for prestashop/prestashop (Composer) Jan 27, 2022
Brum3ns
Microsoft Exchange Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE... Critical Unreviewed
CVE-2022-21846 was published Jan 12, 2022
HHEE system has a Code Injection vulnerability.Successful exploitation of this vulnerability may... Critical Unreviewed
CVE-2021-39979 was published Jan 4, 2022
Code Injection in md-to-pdf. Critical
CVE-2021-23639 was published for md-to-pdf (npm) Dec 16, 2021
Microsoft Defender for IoT Remote Code Execution Vulnerability This CVE ID is unique from CVE... Critical Unreviewed
CVE-2021-42310 was published Dec 16, 2021
Microsoft Defender for IoT Remote Code Execution Vulnerability This CVE ID is unique from CVE... Critical Unreviewed
CVE-2021-42311 was published Dec 16, 2021
Web Media Extensions Remote Code Execution Vulnerability Critical Unreviewed
CVE-2021-43214 was published Dec 16, 2021
iSNS Server Memory Corruption Vulnerability Can Lead to Remote Code Execution Critical Unreviewed
CVE-2021-43215 was published Dec 16, 2021
Windows Encrypting File System (EFS) Remote Code Execution Vulnerability Critical Unreviewed
CVE-2021-43217 was published Dec 16, 2021
Bot Framework SDK Remote Code Execution Vulnerability Critical Unreviewed
CVE-2021-43225 was published Dec 16, 2021
Microsoft Defender for IoT Remote Code Execution Vulnerability This CVE ID is unique from CVE... Critical Unreviewed
CVE-2021-43882 was published Dec 16, 2021
Microsoft 4K Wireless Display Adapter Remote Code Execution Vulnerability Critical Unreviewed
CVE-2021-43899 was published Dec 16, 2021
Internally used text extraction reports allow an attacker to inject code that can be executed by... Critical Unreviewed
CVE-2021-44231 was published Dec 15, 2021
Code Injection in node-rules Critical
CVE-2020-7609 was published for node-rules (npm) Dec 10, 2021
Code Injection in total4 Critical
CVE-2021-23390 was published for total4 (npm) Dec 10, 2021
Code Injection in total.js Critical
CVE-2021-23389 was published for total.js (npm) Dec 10, 2021
A code injection vulnerability in the Ivanti EPM Cloud Services Appliance (CSA) allows an... Critical Unreviewed
CVE-2021-44529 was published Dec 9, 2021
Critical vulnerability found in cron-utils Critical
CVE-2021-41269 was published for com.cronutils:cron-utils (Maven) Nov 15, 2021
NielsDoucet pwntester
Template injection in thymeleaf-spring5 Critical
CVE-2021-43466 was published for org.thymeleaf:thymeleaf-spring5 (Maven) Nov 10, 2021
Improper Control of Generation of Code ('Code Injection') in @asyncapi/modelina Critical
CVE-2023-23619 was published for @asyncapi/modelina (npm) Sep 21, 2021
jonaslagoni
Code injection in codiad Critical
CVE-2019-19208 was published for codiad/codiad (Composer) Sep 1, 2021
remote code execution via git repo provider Critical
CVE-2021-39159 was published for binderhub (pip) Aug 30, 2021
dreyercito rccern
Craft CMS Remote Code Injection Critical
CVE-2021-27903 was published for craftcms/cms (Composer) Jul 2, 2021
Dragonfly contains remote code execution vulnerability Critical
CVE-2021-33564 was published for dragonfly (RubyGems) Jun 2, 2021
Code Injection in node-extend Critical
CVE-2020-7673 was published for node-extend (npm) May 17, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database