Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,342
Erlang
31
GitHub Actions
22
Go
2,106
Maven
5,000+
npm
3,764
NuGet
679
pip
3,451
Pub
12
RubyGems
892
Rust
886
Swift
37
Unreviewed advisories
All unreviewed
5,000+

103 advisories

Loading
A faultflasheventselectfact expression language injectionremote code execution vulnerability was... High Unreviewed
CVE-2020-7189 was published May 24, 2022
A deviceselect expression language injection remote code execution vulnerability was discovered... High Unreviewed
CVE-2020-7190 was published May 24, 2022
A viewbatchtaskresultdetailfact expression language injection remote code execution vulnerability... High Unreviewed
CVE-2020-7184 was published May 24, 2022
A ictexpertcsvdownload expression language injection remote code execution vulnerability was... High Unreviewed
CVE-2020-7193 was published May 24, 2022
A perfaddormoddevicemonitor expression language injection remote code execution vulnerability was... High Unreviewed
CVE-2020-7194 was published May 24, 2022
A sshconfig expression language injection remote code execution vulnerability was discovered in... High Unreviewed
CVE-2020-7182 was published May 24, 2022
A soapconfigcontent expression language injection remote code execution vulnerability was... High Unreviewed
CVE-2020-7174 was published May 24, 2022
A viewtaskresultdetailfact expression language injection remote code execution vulnerability was... High Unreviewed
CVE-2020-7176 was published May 24, 2022
A actionselectcontent expression language injection remote code execution vulnerability was... High Unreviewed
CVE-2020-7173 was published May 24, 2022
A thirdpartyperfselecttask expression language injection remote code execution vulnerability was... High Unreviewed
CVE-2020-7179 was published May 24, 2022
A select expression language injection remote code execution vulnerability was discovered in HPE... Critical Unreviewed
CVE-2020-7170 was published May 24, 2022
A faultdevparasset expression language injection remote code execution vulnerability was... Critical Unreviewed
CVE-2020-7143 was published May 24, 2022
A comparefilesresult expression language injection remote code execution vulnerability was... Critical Unreviewed
CVE-2020-7144 was published May 24, 2022
A ictexpertcsvdownload expression language injection remote code execution vulnerability was... Critical Unreviewed
CVE-2020-7149 was published May 24, 2022
A faulttrapgroupselect expression language injection remote code execution vulnerability was... Critical Unreviewed
CVE-2020-7151 was published May 24, 2022
A faultparasset expression language injection remote code execution vulnerability was discovered... Critical Unreviewed
CVE-2020-7152 was published May 24, 2022
A faultinfo_content expression language injection remote code execution vulnerability was... Critical Unreviewed
CVE-2020-7156 was published May 24, 2022
A perfselecttask expression language injection remote code execution vulnerability was discovered... Critical Unreviewed
CVE-2020-7158 was published May 24, 2022
A iccselectcommand expression language injection remote code execution vulnerability was... Critical Unreviewed
CVE-2020-7165 was published May 24, 2022
A selectusergroup expression language injection remote code execution vulnerability was... Critical Unreviewed
CVE-2020-7168 was published May 24, 2022
A quicktemplateselect expression language injection remote code execution vulnerability was... Critical Unreviewed
CVE-2020-7167 was published May 24, 2022
Arbitrary code execution in Richfaces Critical
CVE-2018-12533 was published for org.richfaces:richfaces-core (Maven) May 13, 2022
RichFaces vulnerable to Expression Language Injection Critical
CVE-2018-12532 was published for org.richfaces:richfaces-core (Maven) May 13, 2022
VMware Cloud Director 10.0.x before 10.0.0.2, 9.7.0.x before 9.7.0.5, 9.5.0.x before 9.5.0.6, and... Moderate Unreviewed
CVE-2020-3956 was published May 24, 2022
Nepxion Discovery vulnerable to SpEL Injection leading to Remote Code Execution Critical
CVE-2022-23463 was published for com.nepxion:discovery (Maven) Sep 25, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database