Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

58 advisories

Loading
CmsWing CMS 1.3.7 is affected by a Remote Code Execution (RCE) vulnerability via parameter: log rule Critical Unreviewed
CVE-2021-43736 was published Mar 24, 2022
Arbitrary code execution in H2 Console Critical
CVE-2022-23221 was published for com.h2database:h2 (Maven) Jan 21, 2022
Improper Neutralization of Argument Delimiters in a Decompiling Package Process in APKLeaks Critical
CVE-2021-21386 was published for APKLeaks (pip) Jan 21, 2022
Ry0taK
Credited to Ry0taK
Dragonfly contains remote code execution vulnerability Critical
CVE-2021-33564 was published for dragonfly (RubyGems) Jun 2, 2021
Command injection in nodemailer Critical
CVE-2020-7769 was published for nodemailer (npm) May 10, 2021
Remote code execution in PHPMailer Critical
CVE-2016-10033 was published for phpmailer/phpmailer (Composer) Mar 5, 2020
Prototype Pollution in mixin-deep Critical
CVE-2019-10746 was published for mixin-deep (npm) Aug 27, 2019
Arbitrary Code Execution in mathjs Critical
CVE-2017-1001003 was published for mathjs (npm) Dec 18, 2017
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database