GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
4,765 advisories
Code Injection in PHPUnit
Critical
CVE-2017-9841
was published
for
phpunit/phpunit
(Composer)
Mar 26, 2022
Remote Code Execution Vulnerability in NPM mongo-express
Critical
CVE-2019-10758
was published
for
mongo-express
(npm)
Dec 30, 2019
Improper Control of Generation of Code ('Code Injection') in jai-ext
Critical
CVE-2022-24816
was published
for
it.geosolutions.jaiext.jiffle:jt-jiffle
(Maven)
Sep 19, 2023
Spring Cloud Function Code Injection with a specially crafted SpEL as a routing expression
Critical
CVE-2022-22963
was published
for
org.springframework.cloud:spring-cloud-function-context
(Maven)
Apr 3, 2022
Remote Code Execution in Spring Framework
Critical
CVE-2022-22965
was published
for
org.springframework.boot:spring-boot-starter-web
(Maven)
Mar 31, 2022
Remote Code Execution (RCE) vulnerability in geoserver
Critical
CVE-2024-36401
was published
for
org.geoserver.web:gs-web-app
(Maven)
Jul 1, 2024
Craft CMS has potential RCE when PHP `register_argc_argv` config setting is enabled
Critical
CVE-2024-56145
was published
for
craftcms/cms
(Composer)
Dec 18, 2024
ProTip!
Advisories are also available from the
GraphQL API