GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,303
Erlang
31
GitHub Actions
21
Go
2,072
Maven
5,000+
npm
3,744
NuGet
669
pip
3,430
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+
4,034 advisories
Filter by severity
Joplin Vulnerable to Code Injection
Critical
CVE-2022-23340
was published
for
joplin
(npm)
Feb 9, 2022
Code injection in ShenYu
Critical
CVE-2021-45029
was published
for
org.apache.shenyu:shenyu-common
(Maven)
Jan 28, 2022
Withdrawn: Code Injection in loguru
Low
CVE-2022-0329
was published
for
loguru
(pip)
Jan 28, 2022
•
withdrawn
Server Side Twig Template Injection
Critical
CVE-2022-21686
was published
for
prestashop/prestashop
(Composer)
Jan 27, 2022
Mustache remote code injection vulnerability
High
CVE-2022-0323
was published
for
mustache/mustache
(Composer)
Jan 27, 2022
jpress 4.2.0 is vulnerable to remote code execution via io.jpress.module.page.PageNotifyKit...
High
Unreviewed
CVE-2021-46117
was published
Jan 27, 2022
jpress 4.2.0 is vulnerable to remote code execution via io.jpress.module.article.kit...
High
Unreviewed
CVE-2021-46118
was published
Jan 27, 2022
jpress v 4.2.0 is vulnerable to RCE via io.jpress.module.product.ProductNotifyKit#doSendEmail....
High
Unreviewed
CVE-2021-46114
was published
Jan 27, 2022
On NGINX Controller API Management versions 3.18.0-3.19.0, an authenticated attacker with access...
High
Unreviewed
CVE-2022-23008
was published
Jan 26, 2022
Code Injection in microweber
High
CVE-2022-0282
was published
for
microweber/microweber
(Composer)
Jan 21, 2022
A code injection vulnerability in Trend Micro Deep Security and Cloud One - Workload Security...
High
Unreviewed
CVE-2022-23120
was published
Jan 21, 2022
Tenable.sc versions 5.14.0 through 5.19.1 were found to contain a remote code execution...
High
Unreviewed
CVE-2022-0130
was published
Jan 15, 2022
october/system arbitrary code execution
High
CVE-2021-32650
was published
for
october/system
(Composer)
Jan 14, 2022
October/System authenticated file write leads to remote code execution
High
CVE-2021-32649
was published
for
october/system
(Composer)
Jan 14, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High
Unreviewed
CVE-2021-34994
was published
Jan 14, 2022
Microsoft SharePoint Server Remote Code Execution Vulnerability.
High
Unreviewed
CVE-2022-21837
was published
Jan 12, 2022
Microsoft Office Remote Code Execution Vulnerability.
High
Unreviewed
CVE-2022-21840
was published
Jan 12, 2022
Microsoft Word Remote Code Execution Vulnerability.
High
Unreviewed
CVE-2022-21842
was published
Jan 12, 2022
Microsoft Exchange Server Remote Code Execution Vulnerability. This CVE ID is unique from CVE...
Critical
Unreviewed
CVE-2022-21846
was published
Jan 12, 2022
Windows Security Center API Remote Code Execution Vulnerability.
High
Unreviewed
CVE-2022-21874
was published
Jan 12, 2022
Windows Geolocation Service Remote Code Execution Vulnerability.
High
Unreviewed
CVE-2022-21878
was published
Jan 12, 2022
HEVC Video Extensions Remote Code Execution Vulnerability.
High
Unreviewed
CVE-2022-21917
was published
Jan 12, 2022
Windows Resilient File System (ReFS) Remote Code Execution Vulnerability. This CVE ID is unique...
Moderate
Unreviewed
CVE-2022-21928
was published
Jan 12, 2022
A vulnerability using PendingIntent in Reminder prior to version 12.2.05.0 in Android R(11.0) and...
High
Unreviewed
CVE-2022-22285
was published
Jan 11, 2022
A vulnerability using PendingIntent in Bixby Routines prior to version 3.1.21.8 in Android R(11.0...
High
Unreviewed
CVE-2022-22286
was published
Jan 11, 2022
ProTip!
Advisories are also available from the
GraphQL API