GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
16 advisories
On F5 Traffix SDC 5.2.x versions prior to 5.2.2 and 5.1.x versions prior to 5.1.35, a stored...
Moderate, Unreviewed: CVE-2022-27662 was published May 6, 2022

Affected versions of Atlassian Jira Server or Data Center using the Jira Service Management addon...
High, Unreviewed: CVE-2021-39128 was published May 24, 2022

An improper neutralization of special elements used in a template engine vulnerability in Fortinet...
High, Unreviewed: CVE-2023-27995 was published Apr 11, 2023

Improper Neutralization of Special Elements Used in a Template Engine in GitHub repository alfio...
Critical, Unreviewed: CVE-2023-2259 was published Apr 24, 2023

Adobe Commerce versions 2.4.6 (and earlier), 2.4.5-p2 (and earlier) and 2.4.4-p3 (and earlier)...
High, Unreviewed: CVE-2023-29297 was published Jun 15, 2023

Gibbon through 26.0.00 allows /modules/School%20Admin/messengerSettings.php Server Side Template...
Critical, Unreviewed: CVE-2024-24724 was published Apr 3, 2024

An improper neutralization of special elements used in a template engine [CWE-1336] in...
Moderate, Unreviewed: CVE-2023-47542 was published Apr 9, 2024

An issue in inducer relate before v.2024.1 allows a remote attacker to execute arbitrary code via...
High, Unreviewed: CVE-2024-32407 was published Apr 22, 2024

VFS Sandbox Escape in CrushFTP in all versions before 10.7.1 and 11.1.0 on all platforms allows...
High, Unreviewed: CVE-2024-4040 was published Apr 22, 2024

An issue was discovered in Logpoint before 7.1.1. Template injection was seen in the search...
High, Unreviewed: CVE-2022-48684 was published Apr 28, 2024

Rejetto HTTP File Server, up to and including version 2.3m, is vulnerable to a template injection...
Critical, Unreviewed: CVE-2024-23692 was published May 31, 2024

StrongShop v1.0 was discovered to contain a Server-Side Template Injection (SSTI) vulnerability...
High, Unreviewed: CVE-2024-37621 was published Jun 17, 2024

The WPML plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and...
Critical, Unreviewed: CVE-2024-6386 was published Aug 21, 2024

A Client-side Template Injection (CSTI) vulnerability in Webkul Krayin CRM 1.3.0 allows remote...
High, Unreviewed: CVE-2024-46366 was published Sep 27, 2024

Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Supsystic...
Critical, Unreviewed: CVE-2024-48042 was published Oct 16, 2024

Improper Neutralization of Special Elements Used in a Template Engine vulnerability in...
Critical, Unreviewed: CVE-2024-49271 was published Oct 16, 2024