Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

2,343 advisories

Loading
Code injection in spring-cloud-netflix-hystrix-dashboard High
CVE-2021-22053 was published for org.springframework.cloud:spring-cloud-netflix-hystrix-dashboard (Maven) Nov 23, 2021
Cobbler before 3.3.0 allows log poisoning High
CVE-2021-40323 was published for cobbler (pip) Oct 5, 2021
Improper Input Validation and Command Injection in Ansible High
CVE-2021-3583 was published for ansible (pip) Sep 23, 2021
Code Injection in pac-resolver High
CVE-2021-23406 was published for degenerator (npm) Sep 2, 2021
seng1e
Code Injection in total.js High
CVE-2021-32831 was published for total.js (npm) Sep 1, 2021
Code injection in nbgitpuller High
CVE-2021-39160 was published for nbgitpuller (pip) Aug 30, 2021
Remote code execution in better-macro High
CVE-2021-38196 was published for better-macro (Rust) Aug 25, 2021
XStream is vulnerable to a Remote Command Execution attack High
CVE-2021-39144 was published for com.thoughtworks.xstream:xstream (Maven) Aug 25, 2021
Code injection issue for java-spring-cloud-stream-template High
CVE-2021-37694 was published for @asyncapi/java-spring-cloud-stream-template (npm) Aug 25, 2021
jonaslagoni
Code injection in Narou High
CVE-2021-35514 was published for narou (RubyGems) Jul 2, 2021
Remote Code Execution vulnerability in PHPMailer 6.4.1 running on Windows High
CVE-2021-34551 was published for phpmailer/phpmailer (Composer) Jun 22, 2021
Remote Command Execution in reg-keygen-git-hash-plugin High
CVE-2021-32673 was published for reg-keygen-git-hash-plugin (npm) Jun 8, 2021
progfay
XStream is vulnerable to a Remote Command Execution attack High
CVE-2021-29505 was published for com.thoughtworks.xstream:xstream (Maven) May 18, 2021
Script injection without script or programming rights through Gadget titles High
CVE-2021-32621 was published for org.xwiki.commons:xwiki-commons-core (Maven) May 18, 2021
Code Injection in mosc High
CVE-2020-7672 was published for mosc (npm) May 17, 2021
Improper Input Validation and Code Injection in pdf-image High
CVE-2020-8132 was published for pdf-image (npm) May 10, 2021
Arbitrary Code Execution in shiba High
CVE-2020-7738 was published for shiba (npm) May 10, 2021
Code injection in blamer High
CVE-2020-8137 was published for blamer (npm) May 6, 2021
Command Injection in lodash High
CVE-2021-23337 was published for lodash (npm) May 6, 2021
mitchell-codecov nitaiapiiro
ebickle
Code Injection in oauth2-server High
CVE-2017-18924 was published for oauth2-server (npm) Apr 22, 2021
Grav's Twig processing allowing dangerous PHP functions by default High
CVE-2021-29440 was published for getgrav/grav (Composer) Apr 16, 2021
thomas-chauchefoin-sonarsource
Code Injection in script-manager High
CVE-2020-8129 was published for script-manager (npm) Apr 13, 2021
ProTip! Advisories are also available from the GraphQL API