GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
21
Go
2,094
Maven
5,000+
npm
3,759
NuGet
678
pip
3,445
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+
63 advisories
Filter by severity
xwiki-platform-administration-ui vulnerable to privilege escalation
Critical
CVE-2023-29511
was published
for
org.xwiki.platform:xwiki-platform-administration-ui
(Maven)
Apr 12, 2023
org.xwiki.platform:xwiki-platform-panels-ui Eval Injection vulnerability
Critical
CVE-2023-29214
was published
for
org.xwiki.platform:xwiki-platform-panels-ui
(Maven)
Apr 12, 2023
xwiki.platform:xwiki-platform-panels-ui Eval Injection vulnerability
Critical
CVE-2023-29212
was published
for
org.xwiki.platform:xwiki-platform-panels-ui
(Maven)
Apr 12, 2023
org.xwiki.platform:xwiki-platform-wiki-ui-mainwiki Eval Injection vulnerability
Critical
CVE-2023-29211
was published
for
org.xwiki.platform:xwiki-platform-wiki-ui-mainwiki
(Maven)
Apr 12, 2023
org.xwiki.platform:xwiki-platform-legacy-notification-activitymacro Eval Injection vulnerability
Critical
CVE-2023-29209
was published
for
org.xwiki.platform:xwiki-platform-legacy-notification-activitymacro
(Maven)
Apr 12, 2023
org.xwiki.platform:xwiki-platform-flamingo-theme-ui Eval Injection vulnerability
Critical
CVE-2023-29509
was published
for
org.xwiki.platform:xwiki-platform-flamingo-theme-ui
(Maven)
Apr 12, 2023
org.xwiki.platform:xwiki-platform-flamingo-theme-ui Eval Injection vulnerability
Critical
CVE-2023-26477
was published
for
org.xwiki.platform:xwiki-platform-flamingo-theme-ui
(Maven)
Mar 3, 2023
Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') in AttachmentSelector.xml
Critical
CVE-2022-41928
was published
for
org.xwiki.platform:xwiki-platform-attachment-ui
(Maven)
Nov 21, 2022
Improper Neutralization of Directives in Dynamically Evaluated Code ('Eval Injection') in xwiki-platform-icon-ui
Critical
CVE-2022-41931
was published
for
org.xwiki.platform:xwiki-platform-icon-ui
(Maven)
Nov 21, 2022
React Editable Json Tree vulnerable to arbitrary code execution via function parsing
Critical
CVE-2022-36010
was published
for
react-editable-json-tree
(npm)
Aug 18, 2022
A function module of SAP NetWeaver AS ABAP (Reconciliation Framework), versions - 700, 701, 702,...
High
Unreviewed
CVE-2021-33678
was published
May 24, 2022
PrestaShop eval injection possible if shop vulnerable to SQL injection
Critical
CVE-2022-31181
was published
for
prestashop/prestashop
(Composer)
Jul 29, 2022
Remote Code Execution Through Image Uploads in BookStack
High
CVE-2020-5256
was published
for
ssddanbrown/bookstack
(Composer)
Mar 13, 2020
ProTip!
Advisories are also available from the
GraphQL API