Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

271 advisories

Loading
Potential for Script Injection in syntax-error High
CVE-2014-7192 was published for syntax-error (npm) Oct 24, 2017
RDIL
sprout Arbitrary Code Execution vulnerability High
CVE-2013-6421 was published for sprout (RubyGems) Oct 24, 2017
Webbynode Code Injection vulnerability High
CVE-2013-7086 was published for webbynode (RubyGems) Oct 24, 2017
Dragonfly Code Injection vulnerability High
CVE-2013-1756 was published for dragonfly (RubyGems) Oct 24, 2017
Thumbshooter vulnerable to Code Injection High
CVE-2013-1898 was published for thumbshooter (RubyGems) Oct 24, 2017
fastreader Gem for Ruby URI Handling Arbitrary Command Injection High
CVE-2013-2615 was published for fastreader (RubyGems) Oct 24, 2017
Shell command injection in command_wrap High
CVE-2013-1875 was published for command_wrap (RubyGems) Oct 24, 2017
Sounder Contains Arbitrary Command Execution Vulnerability High
CVE-2013-5647 was published for sounder (RubyGems) Oct 24, 2017
MiniMagick Gem for Ruby URI Handling Arbitrary Command Injection High
CVE-2013-2616 was published for mini_magick (RubyGems) Oct 24, 2017
rgpg Code Injection vulnerability High
CVE-2013-4203 was published for rgpg (RubyGems) Oct 24, 2017
Curl Gem insufficient URL escaping command injection High
CVE-2013-2617 was published for curl (RubyGems) Oct 24, 2017
Ruby on Rails vulnerable to code injection High
CVE-2006-4111 was published for rails (RubyGems) Oct 24, 2017
Code injection in ansible High
CVE-2017-2809 was published for ansible-vault (pip) Jul 13, 2018
Code injection in Danijar Definitions High
CVE-2018-20325 was published for definitions (pip) Dec 26, 2018
sqla-yaml-fixtures is vulnerable to Code Injection High
CVE-2019-3575 was published for sqla-yaml-fixtures (pip) Jan 4, 2019
xterm vulnerable to remote code execution High
CVE-2019-0542 was published for xterm (npm) Jan 14, 2019
Churro
Improper Control of Generation of Code ('Code Injection') in org.apache.activemq:activemq-client High
CVE-2019-0222 was published for org.apache.activemq:activemq-client (Maven) Apr 2, 2019
sunSUNQ
Code Injection in js-yaml High
GHSA-8j8c-7jfh-h6hx was published for js-yaml (npm) Jun 4, 2019
Code Injection in PyXDG High
CVE-2019-12761 was published for pyxdg (pip) Jun 7, 2019
Remote Code Execution in node-os-utils High
GHSA-j9f8-8h89-j69x was published for node-os-utils (npm) Jun 11, 2019
Command Injection in wiki-plugin-datalog High
GHSA-pm52-wwrw-c282 was published for wiki-plugin-datalog (npm) Jun 13, 2019
Code injection in RubyGems High
CVE-2019-8324 was published for rubygems-update (RubyGems) Jun 20, 2019
XML External Entity (XXE) Injection in Apache Solr High
CVE-2019-0193 was published for org.apache.solr:solr-core (Maven) Aug 1, 2019
Improper Input Validation in Apache Solr High
CVE-2019-17558 was published for org.apache.solr:solr-core (Maven) Feb 12, 2020
Prototype pollution in dojo High
CVE-2020-5258 was published for dojo (npm) Mar 10, 2020
ProTip! Advisories are also available from the GraphQL API