Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,688
Erlang
34
GitHub Actions
27
Go
2,274
Maven
5,000+
npm
3,931
NuGet
706
pip
3,697
Pub
12
RubyGems
919
Rust
955
Swift
38
Unreviewed advisories
All unreviewed
5,000+

30 advisories

Loading
Apache Kylin Code Injection via JDBC Configuration Alteration Low
CVE-2025-30067 was published for org.apache.kylin:kylin (Maven) Mar 27, 2025
A vulnerability, which was classified as problematic, was found in lmxcms 1.41. Affected is an... Low Unreviewed
CVE-2025-1465 was published Feb 19, 2025
An error related to the 2-factor authorization (2FA) on the RISC Platform prior to the saas-2021... Low Unreviewed
CVE-2021-41527 was published Feb 7, 2025
An issue was discovered in Infinera hiT 7300 5.60.50. A web application allows a remote... Low Unreviewed
CVE-2024-28811 was published Sep 30, 2024
Improper Control of Generation of Code ('Code Injection') in Electron Fuses in Logitech Options... Low Unreviewed
CVE-2024-8258 was published Sep 10, 2024
Setting SMS media allows to set GSM modem file. Later this file is used as Linux device. But due... Low Unreviewed
CVE-2024-22123 was published Aug 12, 2024
A potential JSON injection attack vector exists in PingFederate REST API data stores using the... Low Unreviewed
CVE-2024-21832 was published Jul 10, 2024
In Helix ALM versions prior to 2024.2.0, a local command injection was identified. Reported by... Low Unreviewed
CVE-2024-3995 was published Jun 29, 2024
In Helix Sync versions prior to 2024.1, a local command injection was identified. Reported by... Low Unreviewed
CVE-2024-0325 was published Feb 2, 2024
The SolarWinds Platform was susceptible to the Incorrect Input Neutralization Vulnerability. This... Low Unreviewed
CVE-2023-33229 was published Jul 26, 2023
Improper Control of Generation of Code ('Code Injection') in mdx-mermaid Low
CVE-2022-36036 was published for mdx-mermaid (npm) Aug 31, 2022
sjwall
cPanel before 71.9980.37 allows code injection in the WHM cPAddons interface (SEC-394). Low Unreviewed
CVE-2018-20896 was published May 24, 2022
CRLF injection vulnerability in Bugzilla before 3.2.9, 3.4.x before 3.4.9, 3.6.x before 3.6.3,... Low Unreviewed
CVE-2010-3172 was published May 17, 2022
(1) AlbumTab.py, (2) ArtistTab.py, (3) LinksTab.py, and (4) LyricsTab.py in the Context module in... Low Unreviewed
CVE-2012-3355 was published May 17, 2022
CRLF injection vulnerability in IBM WebSphere Portal 6.1.0.x before 6.1.0.3 CF26, 6.1.5.x before... Low Unreviewed
CVE-2013-2950 was published May 17, 2022
CRLF injection vulnerability in the Web Application Enterprise Console in IBM InfoSphere... Low Unreviewed
CVE-2013-3998 was published May 17, 2022
The PPP dissector in Wireshark 1.4.x before 1.4.14, 1.6.x before 1.6.9, and 1.8.x before 1.8.1... Low Unreviewed
CVE-2012-4048 was published May 17, 2022
epan/dissectors/packet-ieee80211.c in the IEEE 802.11 dissector in Wireshark 1.6.x before 1.6.6... Low Unreviewed
CVE-2012-1594 was published May 14, 2022
epan/dissectors/packet-nfs.c in the NFS dissector in Wireshark 1.4.x before 1.4.14, 1.6.x before... Low Unreviewed
CVE-2012-4049 was published May 14, 2022
Microsoft Exchange Server 2007 SP3 and 2010 SP1 and SP2 allows remote authenticated users to... Low Unreviewed
CVE-2012-4791 was published May 14, 2022
CRLF injection vulnerability in load.php in the Local Management Interface (LMI) on the IBM... Low Unreviewed
CVE-2010-0155 was published May 2, 2022
src/configure.in in Vim 5.0 through 7.1, when used for a build with Python support, does not... Low Unreviewed
CVE-2008-3294 was published May 1, 2022
CRLF injection vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and... Low Unreviewed
CVE-2008-0456 was published May 1, 2022
CRLF injection vulnerability in Utils.py in Mailman before 2.1.9rc1 allows remote attackers to... Low Unreviewed
CVE-2006-4624 was published May 1, 2022
Argument injection vulnerability in the URI handler in Skype 2.0.*.104 and 2.5.*.0 through 2.5.*... Low Unreviewed
CVE-2006-2312 was published May 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database