GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,274
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,419
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
114 advisories
Filter by severity
PaddlePaddle vulnerable to code injection via winstr
Critical
CVE-2022-45908
was published
for
paddlepaddle
(pip)
Nov 26, 2022
Code injection in `saved_model_cli` in TensorFlow
High
CVE-2022-29216
was published
for
tensorflow
(pip)
May 24, 2022
Withdrawn: Code Injection in loguru
Low
CVE-2022-0329
was published
for
loguru
(pip)
Jan 28, 2022
•
withdrawn
Cobbler is vulnerable to code injection
High
CVE-2010-2235
was published
for
cobbler
(pip)
May 17, 2022
Apache Airflow Hive Provider vulnerable to code injection
Critical
CVE-2023-28706
was published
for
apache-airflow-providers-apache-hive
(pip)
Apr 7, 2023
pgadmin4 vulnerable to Code Injection
High
CVE-2022-4223
was published
for
pgadmin4
(pip)
Dec 13, 2022
Improper Control of Generation of Code ('Code Injection') in Azure CLI
High
CVE-2022-39327
was published
for
azure-cli
(pip)
Oct 25, 2022
Powerline Gitstatus vulnerable to arbitrary code execution
High
CVE-2022-42906
was published
for
powerline-gitstatus
(pip)
Oct 13, 2022
Reportlab vulnerable to remote code execution
High
CVE-2023-33733
was published
for
reportlab
(pip)
Jun 5, 2023
pandasai vulnerable to prompt injection
High
CVE-2023-39660
was published
for
pandasai
(pip)
Aug 21, 2023
PandasAI vulnerable to arbitrary code execution
Critical
CVE-2023-39661
was published
for
pandasai
(pip)
Aug 15, 2023
Cobbler vulnerable to code injection via unsafe YAML loading
Moderate
CVE-2011-4953
was published
for
cobbler
(pip)
May 17, 2022
Code execution in Embedchain
Critical
CVE-2024-23731
was published
for
embedchain
(pip)
Jan 21, 2024
Code Injection in paddlepaddle
Critical
CVE-2024-0521
was published
for
paddlepaddle
(pip)
Jan 20, 2024
OpenStack Object Storage (swift) Code Injection vulnerability
Critical
CVE-2012-4406
was published
for
swift
(pip)
May 17, 2022
vantage6 remote code execution vulnerability
High
CVE-2024-21649
was published
for
vantage6
(pip)
Jan 30, 2024
Cobbler Web Interface Kickstart Template Remote Privilege Escalation Vulnerability
High
CVE-2008-6954
was published
for
cobbler
(pip)
May 17, 2022
PaddlePaddle vulnerable to remote code execution
Critical
CVE-2024-0917
was published
for
paddlepaddle
(pip)
Mar 7, 2024
llama-index-core Prompt Injection vulnerability leading to Arbitrary Code Execution
Critical
CVE-2024-3098
was published
for
llama-index-core
(pip)
Apr 10, 2024
OpenStack Swift Unchecked user input in XML responses
High
CVE-2013-2161
was published
for
swift
(pip)
May 14, 2022
litellm passes untrusted data to `eval` function without sanitization
High
CVE-2024-4264
was published
for
litellm
(pip)
May 18, 2024
ProTip!
Advisories are also available from the
GraphQL API