Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

76 advisories

Loading
actionpack CRLF injection vulnerability Moderate
CVE-2011-3186 was published for actionpack (RubyGems) Oct 24, 2017
Arbitrary Code Injection in mobile-icon-resizer Moderate
GHSA-mxjr-xmcg-fg7w was published for mobile-icon-resizer (npm) Jun 27, 2019
Object injection in cookie driver in phpfastcache Moderate
CVE-2019-16774 was published for phpfastcache/phpfastcache (Composer) Dec 12, 2019
Geolim4
Template Injection in jsrender Moderate
CVE-2016-3942 was published for jsrender (npm) Sep 1, 2020
Arbitrary Code Execution in blazar-dashboard Moderate
CVE-2020-26943 was published for blazar-dashboard (pip) Oct 27, 2020
Code Injection in mquery Moderate
CVE-2020-35149 was published for mquery (npm) Dec 18, 2020
XStream is vulnerable to a Remote Command Execution attack Moderate
CVE-2021-21345 was published for com.thoughtworks.xstream:xstream (Maven) Mar 22, 2021
Code Injection, Race Condition, and Execution with Unnecessary Privileges in Ansible Moderate
CVE-2020-10684 was published for ansible (pip) Apr 7, 2021
Insecure template handling in express-hbs Moderate
CVE-2021-32817 was published for express-hbs (npm) May 17, 2021
richardfan0606
Denial of service in Valine Moderate
CVE-2021-34801 was published for valine (npm) Jun 21, 2021
PHP file inclusion via insert tags Moderate
CVE-2021-37626 was published for contao/contao (Composer) Aug 23, 2021
ausi
Code Injection in SLO Generator Moderate
CVE-2021-22557 was published for slo-generator (pip) Oct 5, 2021
Code injection in `saved_model_cli` Moderate
CVE-2021-41228 was published for tensorflow (pip) Nov 10, 2021
vault-cli contains possible RCE when reading user-defined data Moderate
CVE-2021-43837 was published for vault-cli (pip) Dec 16, 2021
ewjoachim
Code injection in npm git Moderate
CVE-2021-23632 was published for git (npm) Mar 18, 2022
Mortbay Jetty CRLF Injection Vulnerability Moderate
CVE-2007-5615 was published for org.mortbay.jetty:jetty (Maven) May 1, 2022
Robocode Arbitrary Code Execution Moderate
CVE-2007-6382 was published for net.sf.robocode:robocode.core (Maven) May 1, 2022
Apache Struts's DebuggingInterceptor component allows remote code execution in developer mode Moderate
CVE-2012-0394 was published for org.apache.struts.xwork:xwork-core (Maven) May 4, 2022
sunSUNQ MarkLee131
Improper Control of Generation of Code in Apache Kafka Moderate
CVE-2018-1288 was published for org.apache.kafka:kafka (Maven) May 13, 2022
Moodle Authenticated Spelling Binary Remote Code Execution Moderate
CVE-2013-3630 was published for moodle/moodle (Composer) May 13, 2022
Securimage HTML Injection Moderate
CVE-2017-14077 was published for dapphp/securimage (Composer) May 13, 2022
Apache Tomcat Unrestricted file upload vulnerability Moderate
CVE-2013-4444 was published for org.apache.tomcat:tomcat (Maven) May 13, 2022
Moodle remote code execution via quiz questions Moderate
CVE-2014-3545 was published for moodle/moodle (Composer) May 13, 2022
MarkLee131
ProTip! Advisories are also available from the GraphQL API