Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

30 advisories

Loading
Expression Language Injection vulnerability in Hitachi Tuning Manager on Windows, Linux, Solaris... High Unreviewed
CVE-2024-5828 was published Aug 6, 2024
Expression Language Injection vulnerability in Hitachi Global Link Manager on Windows allows Code... High Unreviewed
CVE-2024-0715 was published Feb 20, 2024
Archive, check and export commands in Chef InSpec prior to 4.56.58 and 5.22.29 allow local... High Unreviewed
CVE-2023-42658 was published Oct 31, 2023
Sonatype Nexus Repository Manager before 3.14 allows Java Expression Language Injection. High Unreviewed
CVE-2018-16621 was published May 13, 2022
An issue was discovered in ZZZCMS zzzphp V1.6.1. In the inc/zzz_template.php file, the... High Unreviewed
CVE-2019-9041 was published May 13, 2022
Eclipse Keti is a service that was designed to protect RESTfuls API using Attribute Based Access... High Unreviewed
CVE-2021-32834 was published May 24, 2022
ObjectPlanet Opinio before 7.14 allows Expression Language Injection via the admin/permissionList... High Unreviewed
CVE-2020-26565 was published May 24, 2022
A tvxlanlegend expression language injection remote code execution vulnerability was discovered... High Unreviewed
CVE-2020-7185 was published May 24, 2022
A userselectpagingcontent expression language injection remote code execution vulnerability was... High Unreviewed
CVE-2020-7188 was published May 24, 2022
A reportpage index expression language injection remote code execution vulnerability was... High Unreviewed
CVE-2020-7187 was published May 24, 2022
A ictexpertdownload expression language injection remote code execution vulnerability was... High Unreviewed
CVE-2020-7180 was published May 24, 2022
A forwardredirect expression language injection remote code execution vulnerability was... High Unreviewed
CVE-2020-7183 was published May 24, 2022
A wmiconfigcontent expression language injection remote code execution vulnerability was... High Unreviewed
CVE-2020-7177 was published May 24, 2022
A smsrulesdownload expression language injection remote code execution vulnerability was... High Unreviewed
CVE-2020-7181 was published May 24, 2022
A devicethresholdconfig expression language injection remote code execution vulnerability was... High Unreviewed
CVE-2020-7192 was published May 24, 2022
A mediaforaction expression language injection remote code execution vulnerability was discovered... High Unreviewed
CVE-2020-7178 was published May 24, 2022
A devsoftsel expression language injection remote code execution vulnerability was discovered in... High Unreviewed
CVE-2020-7191 was published May 24, 2022
A powershellconfigcontent expression language injection remote code execution vulnerability was... High Unreviewed
CVE-2020-7186 was published May 24, 2022
A iccselectdymicparam expression language injection remote code execution vulnerability was... High Unreviewed
CVE-2020-7175 was published May 24, 2022
A iccselectrules expression language injection remote code execution vulnerability was discovered... High Unreviewed
CVE-2020-7195 was published May 24, 2022
A viewbatchtaskresultdetailfact expression language injection remote code execution vulnerability... High Unreviewed
CVE-2020-7184 was published May 24, 2022
A faultflasheventselectfact expression language injectionremote code execution vulnerability was... High Unreviewed
CVE-2020-7189 was published May 24, 2022
A ictexpertcsvdownload expression language injection remote code execution vulnerability was... High Unreviewed
CVE-2020-7193 was published May 24, 2022
A perfaddormoddevicemonitor expression language injection remote code execution vulnerability was... High Unreviewed
CVE-2020-7194 was published May 24, 2022
A deviceselect expression language injection remote code execution vulnerability was discovered... High Unreviewed
CVE-2020-7190 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database