GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,272
Erlang
31
GitHub Actions
21
Go
2,047
Maven
5,000+
npm
3,739
NuGet
668
pip
3,415
Pub
12
RubyGems
891
Rust
868
Swift
36
Unreviewed advisories
All unreviewed
5,000+
13 advisories
Filter by severity
Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Saso...
Critical
Unreviewed
CVE-2024-52427
was published
Nov 18, 2024
Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Supsystic...
Critical
Unreviewed
CVE-2024-52434
was published
Nov 18, 2024
Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Podlove...
Critical
Unreviewed
CVE-2024-52393
was published
Nov 14, 2024
Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Supsystic...
Critical
Unreviewed
CVE-2024-48042
was published
Oct 16, 2024
: Improper Neutralization of Special Elements Used in a Template Engine vulnerability in...
Critical
Unreviewed
CVE-2024-49271
was published
Oct 16, 2024
changedetection.io has a Server Side Template Injection using Jinja2 which allows Remote Command Execution
Critical
CVE-2024-32651
was published
for
changedetection.io
(pip)
Oct 15, 2024
The WPML plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and...
Critical
Unreviewed
CVE-2024-6386
was published
Aug 21, 2024
document-merge-service vulnerable to Remote Code Execution via Server-Side Template Injection
Critical
CVE-2024-37301
was published
for
document-merge-service
(pip)
Jun 11, 2024
Rejetto HTTP File Server, up to and including version 2.3m, is vulnerable to a template injection...
Critical
Unreviewed
CVE-2024-23692
was published
May 31, 2024
Shopware Remote Code Execution Vulnerability
Critical
GHSA-83jv-4prm-34g7
was published
for
shopware/shopware
(Composer)
May 21, 2024
Gibbon through 26.0.00 allows /modules/School%20Admin/messengerSettings.php Server Side Template...
Critical
Unreviewed
CVE-2024-24724
was published
Apr 3, 2024
Improper Neutralization of Special Elements Used in a Template Engine in GitHub repository alfio...
Critical
Unreviewed
CVE-2023-2259
was published
Apr 24, 2023
RCE in Mingsoft MCMS
Critical
CVE-2022-22930
was published
for
net.mingsoft:ms-mcms
(Maven)
Jan 22, 2022
ProTip!
Advisories are also available from the
GraphQL API