GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,088 advisories
Remote Code Execution in Red Discord Bot
High
CVE-2020-15147
was published
for
Red-DiscordBot
(pip)
Aug 21, 2020
Remote Code Execution in Red Discord Bot
High
CVE-2020-15140
was published
for
Red-DiscordBot
(pip)
Aug 21, 2020
Remote Code Execution in SyliusResourceBundle
High
CVE-2020-15143
was published
for
sylius/resource-bundle
(Composer)
Aug 19, 2020
Remote Code Execution in SyliusResourceBundle
Critical
CVE-2020-15146
was published
for
sylius/resource-bundle
(Composer)
Aug 19, 2020
Potential Code Injection in Sprout Forms
Critical
CVE-2020-11056
was published
for
barrelstrength/sprout-base-email
(Composer)
May 8, 2020
Remote Code Execution (RCE) vulnerability in dropwizard-validation
High
CVE-2020-11002
was published
for
io.dropwizard:dropwizard-validation
(Maven)
Apr 10, 2020
HTTP Response Splitting in Styx
Moderate
CVE-2020-6858
was published
for
com.hotels.styx:styx-api
(Maven)
Mar 3, 2020
Remote Code Execution (RCE) vulnerability in dropwizard-validation
High
CVE-2020-5245
was published
for
io.dropwizard:dropwizard-validation
(Maven)
Feb 24, 2020
Link injection in SimpleSAMLphp
Low
GHSA-2r3v-q9x3-7g46
was published
for
simplesamlphp/simplesamlphp
(Composer)
Jan 24, 2020
Remote Code Execution in Angular Expressions
High
CVE-2020-5219
was published
for
angular-expressions
(npm)
Jan 24, 2020
Improper Neutralization of CRLF Sequences in HTTP Headers ('HTTP Response Splitting') in Armeria
Moderate
GHSA-35fr-h7jr-hh86
was published
for
com.linecorp.armeria:armeria
(Maven)
Dec 6, 2019
ProTip!
Advisories are also available from the
GraphQL API