GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 26,252
Composer 5,237
Erlang 40
GitHub Actions 41
Go 3,005
Maven 6,264
npm 4,733
NuGet 788
pip 4,343
Pub 12
RubyGems 987
Rust 1,137
Swift 50

Unreviewed advisories

All unreviewed 291,007

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

53 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

On F5 Traffix SDC 5.2.x versions prior to 5.2.2 and 5.1.x versions prior to 5.1.35, a stored... Moderate Unreviewed

CVE-2022-27662 was published May 6, 2022

Improper Neutralization of Special Elements Used in a Template Engine in GitHub repository alfio... Critical Unreviewed

CVE-2023-2259 was published Apr 24, 2023

A improper neutralization of special elements used in a template engine vulnerability in Fortinet... High Unreviewed

CVE-2023-27995 was published Apr 11, 2023

Gibbon through 26.0.00 allows /modules/School%20Admin/messengerSettings.php Server Side Template... Critical Unreviewed

CVE-2024-24724 was published Apr 3, 2024

The WPML plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and... Critical Unreviewed

CVE-2024-6386 was published Aug 21, 2024

A Client-side Template Injection (CSTI) vulnerability in Webkul Krayin CRM 1.3.0 allows remote... High Unreviewed

CVE-2024-46366 was published Sep 27, 2024

Affected versions of Atlassian Jira Server or Data Center using the Jira Service Management addon... High Unreviewed

CVE-2021-39128 was published May 24, 2022

Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Supsystic... Critical Unreviewed

CVE-2024-48042 was published Oct 16, 2024

An issue in inducer relate before v.2024.1 allows a remote attacker to execute arbitrary code via... High Unreviewed

CVE-2024-32407 was published Apr 22, 2024

An issue was discovered in Logpoint before 7.1.1. Template injection was seen in the search... High Unreviewed

CVE-2022-48684 was published Apr 28, 2024

Improper neutralization of special elements used in SQL command in some Intel(R) Neural... High Unreviewed

CVE-2024-39766 was published Nov 13, 2024

Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Saso... Critical Unreviewed

CVE-2024-52427 was published Nov 18, 2024

Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Supsystic... Critical Unreviewed

CVE-2024-52434 was published Nov 18, 2024

Allegra getLinkText Server-Side Template Injection Remote Code Execution Vulnerability. This... High Unreviewed

CVE-2024-30372 was published Nov 22, 2024

The Dynamics 365 Integration plugin for WordPress is vulnerable to Remote Code Execution and... Critical Unreviewed

CVE-2024-12583 was published Jan 4, 2025

A improper neutralization of special elements used in a template engine [CWE-1336] in... Moderate Unreviewed

CVE-2023-47542 was published Apr 9, 2024

: Improper Neutralization of Special Elements Used in a Template Engine vulnerability in... Critical Unreviewed

CVE-2024-49271 was published Oct 16, 2024

Improper Control of Generation of Code ('Code Injection'), Cross-Site Request Forgery (CSRF), :... High Unreviewed

CVE-2024-48962 was published Nov 18, 2024

An issue was discovered in Logpoint AgentX before 1.5.0. A vulnerability caused by limited access... Moderate Unreviewed

CVE-2025-26789 was published Feb 14, 2025

Report generation functionality in Wyn Enterprise allows for code inclusion, but not sufficiently... High Unreviewed

CVE-2024-9150 was published Feb 21, 2025

OneBlog v2.3.6 was discovered to contain a template injection vulnerability via the template... High Unreviewed

CVE-2024-54954 was published Feb 10, 2025

Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Apache... Low Unreviewed

CVE-2025-26865 was published Mar 10, 2025

Improper Neutralization of Special Elements Used in a Template Engine vulnerability in Podlove... Critical Unreviewed

CVE-2024-52393 was published Nov 14, 2024

IPW Systems Metazo through 8.1.3 allows unauthenticated Remote Code Execution because... Critical Unreviewed

CVE-2025-46661 was published Apr 28, 2025

Dell PowerProtect Data Manager Reporting, version(s) 19.16, 19.17, 19.18, contain(s) an Improper... Low Unreviewed

CVE-2025-23376 was published Apr 28, 2025

Previous1…3 Next

Previous 1 2 3 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

53 advisories