GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
694 advisories
Spring Boot Admins integrated notifier support allows arbitrary code execution
High
CVE-2022-46166
was published
for
de.codecentric:spring-boot-admin
(Maven)
Dec 9, 2022
PaddlePaddle vulnerable to Code Injection
Critical
CVE-2022-46742
was published
for
paddlepaddle
(pip)
Dec 7, 2022
GitPython vulnerable to Remote Code Execution due to improper user input validation
Critical
CVE-2022-24439
was published
for
GitPython
(pip)
Dec 6, 2022
ff4j is vulnerable to Remote Code Execution (RCE)
Critical
CVE-2022-44262
was published
for
org.ff4j:ff4j-core
(Maven)
Dec 1, 2022
Zenario CMS is vulnerable to Remote Code Execution (RCE).
Critical
CVE-2022-44136
was published
for
tribalsystems/zenario
(Composer)
Nov 30, 2022
Code injection in quarkus dev ui config editor
Critical
CVE-2022-4116
was published
for
io.quarkus:quarkus-vertx-http-deployment
(Maven)
Nov 22, 2022
RCE vulnerability in Pimcore/Mail & Dynamic Text Layout
Critical
CVE-2022-39365
was published
for
pimcore/pimcore
(Composer)
Oct 29, 2022
run-terraform allows for RCE via terraform plan
High
CVE-2022-39326
was published
for
kartverket/github-workflows
(GitHub Actions)
Oct 19, 2022
October CMS Safe Mode bypass leads to authenticated Remote Code Execution
High
CVE-2022-35944
was published
for
october/system
(Composer)
Oct 13, 2022
joblib vulnerable to arbitrary code execution
Critical
CVE-2022-21797
was published
for
joblib
(pip)
Sep 27, 2022
ProTip!
Advisories are also available from the
GraphQL API