Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,359
Erlang
33
GitHub Actions
22
Go
2,126
Maven
5,000+
npm
3,787
NuGet
683
pip
3,467
Pub
12
RubyGems
894
Rust
892
Swift
38
Unreviewed advisories
All unreviewed
5,000+

4,114 advisories

Loading
Remote code execution in Apache Struts Critical
CVE-2020-17530 was published for org.apache.struts:struts2-core (Maven) Feb 9, 2022
Prototype Pollution leading to Remote Code Execution in superjson Critical
CVE-2022-23631 was published for blitz (npm) Feb 9, 2022
paul-gerste-sonarsource
Remote code execution in Apache ActiveMQ Critical
CVE-2020-11998 was published for org.apache.activemq:activemq-parent (Maven) Feb 9, 2022
sunSUNQ
iCMS <= 8.0.0 allows users to add and render a comtom template, which has a SSTI vulnerability... Critical Unreviewed
CVE-2021-44978 was published Feb 9, 2022
Joplin Vulnerable to Code Injection Critical
CVE-2022-23340 was published for joplin (npm) Feb 9, 2022
Code injection in ShenYu Critical
CVE-2021-45029 was published for org.apache.shenyu:shenyu-common (Maven) Jan 28, 2022
Withdrawn: Code Injection in loguru Low
CVE-2022-0329 was published for loguru (pip) Jan 28, 2022 withdrawn
Server Side Twig Template Injection Critical
CVE-2022-21686 was published for prestashop/prestashop (Composer) Jan 27, 2022
Brum3ns
Mustache remote code injection vulnerability High
CVE-2022-0323 was published for mustache/mustache (Composer) Jan 27, 2022
jpress 4.2.0 is vulnerable to remote code execution via io.jpress.module.page.PageNotifyKit... High Unreviewed
CVE-2021-46117 was published Jan 27, 2022
jpress 4.2.0 is vulnerable to remote code execution via io.jpress.module.article.kit... High Unreviewed
CVE-2021-46118 was published Jan 27, 2022
jpress v 4.2.0 is vulnerable to RCE via io.jpress.module.product.ProductNotifyKit#doSendEmail.... High Unreviewed
CVE-2021-46114 was published Jan 27, 2022
On NGINX Controller API Management versions 3.18.0-3.19.0, an authenticated attacker with access... High Unreviewed
CVE-2022-23008 was published Jan 26, 2022
Code Injection in microweber High
CVE-2022-0282 was published for microweber/microweber (Composer) Jan 21, 2022
A code injection vulnerability in Trend Micro Deep Security and Cloud One - Workload Security... High Unreviewed
CVE-2022-23120 was published Jan 21, 2022
Tenable.sc versions 5.14.0 through 5.19.1 were found to contain a remote code execution... High Unreviewed
CVE-2022-0130 was published Jan 15, 2022
october/system arbitrary code execution High
CVE-2021-32650 was published for october/system (Composer) Jan 14, 2022
sushiwushi
October/System authenticated file write leads to remote code execution High
CVE-2021-32649 was published for october/system (Composer) Jan 14, 2022
cydave
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2021-34994 was published Jan 14, 2022
Microsoft SharePoint Server Remote Code Execution Vulnerability. High Unreviewed
CVE-2022-21837 was published Jan 12, 2022
Microsoft Office Remote Code Execution Vulnerability. High Unreviewed
CVE-2022-21840 was published Jan 12, 2022
Microsoft Word Remote Code Execution Vulnerability. High Unreviewed
CVE-2022-21842 was published Jan 12, 2022
Microsoft Exchange Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE... Critical Unreviewed
CVE-2022-21846 was published Jan 12, 2022
Windows Security Center API Remote Code Execution Vulnerability. High Unreviewed
CVE-2022-21874 was published Jan 12, 2022
Windows Geolocation Service Remote Code Execution Vulnerability. High Unreviewed
CVE-2022-21878 was published Jan 12, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database