GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,037
Composer 4,067
Erlang 29
GitHub Actions 19
Go 1,891
Maven 5,089
npm 3,623
NuGet 638
pip 3,235
Pub 10
RubyGems 857
Rust 818
Swift 35

Unreviewed advisories

All unreviewed 228,138

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

39 advisories

Filter by severity

Sort by

Least recently updated

Expression Language Injection vulnerability in Hitachi Tuning Manager on Windows, Linux, Solaris... High Unreviewed

CVE-2024-5828 was published Aug 6, 2024

Expression Language Injection vulnerability in Hitachi Global Link Manager on Windows allows Code... High Unreviewed

CVE-2024-0715 was published Feb 20, 2024

Archive, check and export commands in Chef InSpec prior to 4.56.58 and 5.22.29 allow local... High Unreviewed

CVE-2023-42658 was published Oct 31, 2023

Apache Ambari Expression Language Injection vulnerability High

CVE-2022-42009 was published for org.apache.ambari:ambari (Maven) Jul 12, 2023

Apache Ambari Expression Language Injection vulnerability High

CVE-2022-45855 was published for org.apache.ambari:ambari (Maven) Jul 12, 2023

Apache Jena Expression Language Injection vulnerability High

CVE-2023-32200 was published for org.apache.jena:jena (Maven) Jul 12, 2023

Spring Framework vulnerable to denial of service High

CVE-2023-20863 was published for org.springframework:spring-expression (Maven) Apr 13, 2023

Eclipse Keti is a service that was designed to protect RESTfuls API using Attribute Based Access... High Unreviewed

CVE-2021-32834 was published May 24, 2022

ObjectPlanet Opinio before 7.14 allows Expression Language Injection via the admin/permissionList... High Unreviewed

CVE-2020-26565 was published May 24, 2022

A perfaddormoddevicemonitor expression language injection remote code execution vulnerability was... High Unreviewed

CVE-2020-7194 was published May 24, 2022

A iccselectrules expression language injection remote code execution vulnerability was discovered... High Unreviewed

CVE-2020-7195 was published May 24, 2022

A tvxlanlegend expression language injection remote code execution vulnerability was discovered... High Unreviewed

CVE-2020-7185 was published May 24, 2022

A viewbatchtaskresultdetailfact expression language injection remote code execution vulnerability... High Unreviewed

CVE-2020-7184 was published May 24, 2022

A faultflasheventselectfact expression language injectionremote code execution vulnerability was... High Unreviewed

CVE-2020-7189 was published May 24, 2022

A reportpage index expression language injection remote code execution vulnerability was... High Unreviewed

CVE-2020-7187 was published May 24, 2022

A userselectpagingcontent expression language injection remote code execution vulnerability was... High Unreviewed

CVE-2020-7188 was published May 24, 2022

A devicethresholdconfig expression language injection remote code execution vulnerability was... High Unreviewed

CVE-2020-7192 was published May 24, 2022

A deviceselect expression language injection remote code execution vulnerability was discovered... High Unreviewed

CVE-2020-7190 was published May 24, 2022

A devsoftsel expression language injection remote code execution vulnerability was discovered in... High Unreviewed

CVE-2020-7191 was published May 24, 2022

A powershellconfigcontent expression language injection remote code execution vulnerability was... High Unreviewed

CVE-2020-7186 was published May 24, 2022

A ictexpertcsvdownload expression language injection remote code execution vulnerability was... High Unreviewed

CVE-2020-7193 was published May 24, 2022

A iccselectdymicparam expression language injection remote code execution vulnerability was... High Unreviewed

CVE-2020-7175 was published May 24, 2022

A wmiconfigcontent expression language injection remote code execution vulnerability was... High Unreviewed

CVE-2020-7177 was published May 24, 2022

A smsrulesdownload expression language injection remote code execution vulnerability was... High Unreviewed

CVE-2020-7181 was published May 24, 2022

A sshconfig expression language injection remote code execution vulnerability was discovered in... High Unreviewed

CVE-2020-7182 was published May 24, 2022

Previous 1 2 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

39 advisories