Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

48 advisories

Loading
Code injection issue for java-spring-cloud-stream-template High
CVE-2021-37694 was published for @asyncapi/java-spring-cloud-stream-template (npm) Aug 25, 2021
jonaslagoni
Remote Command Execution in reg-keygen-git-hash-plugin High
CVE-2021-32673 was published for reg-keygen-git-hash-plugin (npm) Jun 8, 2021
progfay
Code Injection in mosc High
CVE-2020-7672 was published for mosc (npm) May 17, 2021
Improper Input Validation and Code Injection in pdf-image High
CVE-2020-8132 was published for pdf-image (npm) May 10, 2021
Arbitrary Code Execution in shiba High
CVE-2020-7738 was published for shiba (npm) May 10, 2021
Code injection in blamer High
CVE-2020-8137 was published for blamer (npm) May 6, 2021
Command Injection in lodash High
CVE-2021-23337 was published for lodash (npm) May 6, 2021
mitchell-codecov nitaiapiiro
ebickle
Code Injection in oauth2-server High
CVE-2017-18924 was published for oauth2-server (npm) Apr 22, 2021
Code Injection in script-manager High
CVE-2020-8129 was published for script-manager (npm) Apr 13, 2021
Prototype Pollution in decal High
CVE-2020-28450 was published for decal (npm) Apr 13, 2021
Angular Expressions - Remote Code Execution High
CVE-2021-21277 was published for angular-expressions (npm) Feb 1, 2021
Command Injection in tree-kill High
CVE-2019-15599 was published for tree-kill (npm) Sep 4, 2020
Arbitrary Code Execution in handlebars High
GHSA-2cf5-4w76-r9qv was published for handlebars (npm) Sep 4, 2020
chalbersma
Arbitrary JavaScript Execution in typed-function High
CVE-2017-1001004 was published for typed-function (npm) Sep 2, 2020
Sandbox Breakout / Arbitrary Code Execution in static-eval High
GHSA-x9hc-rw35-f44h was published for static-eval (npm) Sep 2, 2020
Content Injection in remarkable High
CVE-2014-10065 was published for remarkable (npm) Aug 31, 2020
tdunlap607
Command injection in node-dns-sync High
CVE-2020-11079 was published for dns-sync (npm) May 28, 2020
Prototype pollution in dojo High
CVE-2020-5258 was published for dojo (npm) Mar 10, 2020
Command Injection in wiki-plugin-datalog High
GHSA-pm52-wwrw-c282 was published for wiki-plugin-datalog (npm) Jun 13, 2019
Remote Code Execution in node-os-utils High
GHSA-j9f8-8h89-j69x was published for node-os-utils (npm) Jun 11, 2019
Code Injection in js-yaml High
GHSA-8j8c-7jfh-h6hx was published for js-yaml (npm) Jun 4, 2019
xterm vulnerable to remote code execution High
CVE-2019-0542 was published for xterm (npm) Jan 14, 2019
Churro
Potential for Script Injection in syntax-error High
CVE-2014-7192 was published for syntax-error (npm) Oct 24, 2017
RDIL
ProTip! Advisories are also available from the GraphQL API