Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,350
Erlang
31
GitHub Actions
22
Go
2,117
Maven
5,000+
npm
3,770
NuGet
680
pip
3,458
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

774 advisories

Loading
remote code execution via git repo provider Critical
CVE-2021-39159 was published for binderhub (pip) Aug 30, 2021
dreyercito rccern
Code injection in codiad Critical
CVE-2019-19208 was published for codiad/codiad (Composer) Sep 1, 2021
Improper Control of Generation of Code ('Code Injection') in @asyncapi/modelina Critical
CVE-2023-23619 was published for @asyncapi/modelina (npm) Sep 21, 2021
jonaslagoni
Template injection in thymeleaf-spring5 Critical
CVE-2021-43466 was published for org.thymeleaf:thymeleaf-spring5 (Maven) Nov 10, 2021
Critical vulnerability found in cron-utils Critical
CVE-2021-41269 was published for com.cronutils:cron-utils (Maven) Nov 15, 2021
NielsDoucet pwntester
A code injection vulnerability in the Ivanti EPM Cloud Services Appliance (CSA) allows an... Critical Unreviewed
CVE-2021-44529 was published Dec 9, 2021
Code Injection in total.js Critical
CVE-2021-23389 was published for total.js (npm) Dec 10, 2021
Code Injection in total4 Critical
CVE-2021-23390 was published for total4 (npm) Dec 10, 2021
Code Injection in node-rules Critical
CVE-2020-7609 was published for node-rules (npm) Dec 10, 2021
Internally used text extraction reports allow an attacker to inject code that can be executed by... Critical Unreviewed
CVE-2021-44231 was published Dec 15, 2021
Microsoft 4K Wireless Display Adapter Remote Code Execution Vulnerability Critical Unreviewed
CVE-2021-43899 was published Dec 16, 2021
Microsoft Defender for IoT Remote Code Execution Vulnerability This CVE ID is unique from CVE... Critical Unreviewed
CVE-2021-43882 was published Dec 16, 2021
Bot Framework SDK Remote Code Execution Vulnerability Critical Unreviewed
CVE-2021-43225 was published Dec 16, 2021
Windows Encrypting File System (EFS) Remote Code Execution Vulnerability Critical Unreviewed
CVE-2021-43217 was published Dec 16, 2021
iSNS Server Memory Corruption Vulnerability Can Lead to Remote Code Execution Critical Unreviewed
CVE-2021-43215 was published Dec 16, 2021
Web Media Extensions Remote Code Execution Vulnerability Critical Unreviewed
CVE-2021-43214 was published Dec 16, 2021
Microsoft Defender for IoT Remote Code Execution Vulnerability This CVE ID is unique from CVE... Critical Unreviewed
CVE-2021-42311 was published Dec 16, 2021
Microsoft Defender for IoT Remote Code Execution Vulnerability This CVE ID is unique from CVE... Critical Unreviewed
CVE-2021-42310 was published Dec 16, 2021
Code Injection in md-to-pdf. Critical
CVE-2021-23639 was published for md-to-pdf (npm) Dec 16, 2021
HHEE system has a Code Injection vulnerability.Successful exploitation of this vulnerability may... Critical Unreviewed
CVE-2021-39979 was published Jan 4, 2022
Microsoft Exchange Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE... Critical Unreviewed
CVE-2022-21846 was published Jan 12, 2022
Server Side Twig Template Injection Critical
CVE-2022-21686 was published for prestashop/prestashop (Composer) Jan 27, 2022
Brum3ns
Code injection in ShenYu Critical
CVE-2021-45029 was published for org.apache.shenyu:shenyu-common (Maven) Jan 28, 2022
Joplin Vulnerable to Code Injection Critical
CVE-2022-23340 was published for joplin (npm) Feb 9, 2022
iCMS <= 8.0.0 allows users to add and render a comtom template, which has a SSTI vulnerability... Critical Unreviewed
CVE-2021-44978 was published Feb 9, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database