Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+

40 advisories

Loading
org.xwiki.platform:xwiki-platform-logging-ui Eval Injection vulnerability Critical
CVE-2023-29213 was published for org.xwiki.platform:xwiki-platform-logging-ui (Maven) Apr 12, 2023
xwiki.platform:xwiki-platform-panels-ui Eval Injection vulnerability Critical
CVE-2023-29212 was published for org.xwiki.platform:xwiki-platform-panels-ui (Maven) Apr 12, 2023
org.xwiki.platform:xwiki-platform-wiki-ui-mainwiki Eval Injection vulnerability Critical
CVE-2023-29211 was published for org.xwiki.platform:xwiki-platform-wiki-ui-mainwiki (Maven) Apr 12, 2023
org.xwiki.platform:xwiki-platform-notifications-ui Eval Injection vulnerability Critical
CVE-2023-29210 was published for org.xwiki.platform:xwiki-platform-notifications-ui (Maven) Apr 12, 2023
org.xwiki.platform:xwiki-platform-legacy-notification-activitymacro Eval Injection vulnerability Critical
CVE-2023-29209 was published for org.xwiki.platform:xwiki-platform-legacy-notification-activitymacro (Maven) Apr 12, 2023
The webservices in Proofpoint Enterprise Protection (PPS/POD) contain a vulnerability that allows... Critical Unreviewed
CVE-2023-0090 was published Mar 8, 2023
org.xwiki.platform:xwiki-platform-flamingo-theme-ui Eval Injection vulnerability Critical
CVE-2023-26477 was published for org.xwiki.platform:xwiki-platform-flamingo-theme-ui (Maven) Mar 3, 2023
Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') in xwiki-platform-icon-ui Critical
CVE-2022-41931 was published for org.xwiki.platform:xwiki-platform-icon-ui (Maven) Nov 21, 2022
Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') in AttachmentSelector.xml Critical
CVE-2022-41928 was published for org.xwiki.platform:xwiki-platform-attachment-ui (Maven) Nov 21, 2022
Dolibarr vulnerable to Eval Injection Critical
CVE-2022-40871 was published for dolibarr/dolibarr (Composer) Oct 12, 2022
XWiki Platform Wiki UI Main Wiki Eval Injection vulnerability Critical
CVE-2022-36099 was published for org.xwiki.platform:xwiki-platform-wiki-ui-mainwiki (Maven) Sep 16, 2022
XWiki Platform Applications Tag and XWiki Platform Tag UI vulnerable to Eval Injection Critical
CVE-2022-36100 was published for org.xwiki.platform.applications:xwiki-application-tag (Maven) Sep 16, 2022
React Editable Json Tree vulnerable to arbitrary code execution via function parsing Critical
CVE-2022-36010 was published for react-editable-json-tree (npm) Aug 18, 2022
Phanabani oxyno-zeta
PrestaShop eval injection possible if shop vulnerable to SQL injection Critical
CVE-2022-31181 was published for prestashop/prestashop (Composer) Jul 29, 2022
Eaton Intelligent Power Manager (IPM) prior to 1.69 is vulnerable to unauthenticated eval... Critical Unreviewed
CVE-2021-23277 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database