GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,740
Composer 4,239
Erlang 31
GitHub Actions 21
Go 2,007
Maven 5,196
npm 3,716
NuGet 662
pip 3,388
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,795

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

51 advisories

Filter by severity

Sort by

Least recently updated

Voltronic Power ViewPower Pro Expression Language Injection Remote Code Execution Vulnerability.... Critical Unreviewed

CVE-2023-51593 was published May 3, 2024

Expression Language Injection vulnerability in Hitachi Replication Manager on Windows, Linux,... Critical Unreviewed

CVE-2022-4146 was published Jul 18, 2023

Databasir v1.0.7 was discovered to contain a remote code execution (RCE) vulnerability via the... Critical Unreviewed

CVE-2023-27821 was published Mar 28, 2023

Liima before 1.17.28 allows server-side template injection. Critical Unreviewed

CVE-2023-26092 was published Feb 20, 2023

Nepxion Discovery vulnerable to SpEL Injection leading to Remote Code Execution Critical

CVE-2022-23463 was published for com.nepxion:discovery (Maven) Sep 25, 2022

SpEL Injection in Spring Data MongoDB Critical

CVE-2022-22980 was published for org.springframework.data:spring-data-mongodb (Maven) Jun 24, 2022

A selectusergroup expression language injection remote code execution vulnerability was... Critical Unreviewed

CVE-2020-7168 was published May 24, 2022

A quicktemplateselect expression language injection remote code execution vulnerability was... Critical Unreviewed

CVE-2020-7167 was published May 24, 2022

A select expression language injection remote code execution vulnerability was discovered in HPE... Critical Unreviewed

CVE-2020-7170 was published May 24, 2022

A faultparasset expression language injection remote code execution vulnerability was discovered... Critical Unreviewed

CVE-2020-7152 was published May 24, 2022

A perfselecttask expression language injection remote code execution vulnerability was discovered... Critical Unreviewed

CVE-2020-7158 was published May 24, 2022

A customtemplateselect expression language injection remote code execution vulnerability was... Critical Unreviewed

CVE-2020-7159 was published May 24, 2022

A operationselect expression language injection remote code execution vulnerability was... Critical Unreviewed

CVE-2020-7164 was published May 24, 2022

A iccselectcommand expression language injection remote code execution vulnerability was... Critical Unreviewed

CVE-2020-7165 was published May 24, 2022

A operatorgroupselectcontent expression language injection remote code execution vulnerability... Critical Unreviewed

CVE-2020-7162 was published May 24, 2022

A navigationto expression language injection remote code execution vulnerability was discovered... Critical Unreviewed

CVE-2020-7163 was published May 24, 2022

A reporttaskselect expression language injection remote code execution vulnerability was... Critical Unreviewed

CVE-2020-7161 was published May 24, 2022

A operatorgrouptreeselectcontent expression language injection remote code execution... Critical Unreviewed

CVE-2020-7166 was published May 24, 2022

A ictexpertcsvdownload expression language injection remote code execution vulnerability was... Critical Unreviewed

CVE-2020-7169 was published May 24, 2022

A faultstatchoosefaulttype expression language injection remote code execution vulnerability was... Critical Unreviewed

CVE-2020-7150 was published May 24, 2022

A faulttrapgroupselect expression language injection remote code execution vulnerability was... Critical Unreviewed

CVE-2020-7151 was published May 24, 2022

A ifviewselectpage expression language injection remote code execution vulnerability was... Critical Unreviewed

CVE-2020-7154 was published May 24, 2022

A faultinfo_content expression language injection remote code execution vulnerability was... Critical Unreviewed

CVE-2020-7156 was published May 24, 2022

A iccselectdevtype expression language injection remote code execution vulnerability was... Critical Unreviewed

CVE-2020-7153 was published May 24, 2022

A select expression language injection remote code execution vulnerability was discovered in HPE... Critical Unreviewed

CVE-2020-7155 was published May 24, 2022

Previous 1 2 3 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

51 advisories