Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

10 advisories

Loading
Apache HugeGraph-Server: Command execution in gremlin Critical
CVE-2024-27348 was published for org.apache.hugegraph:hugegraph-api (Maven) Apr 22, 2024
FitNesse allows execution of arbitrary OS commands Critical
CVE-2024-28125 was published for org.fitnesse:fitnesse (Maven) Mar 18, 2024
Command Injection in Xstream Critical
CVE-2013-7285 was published for com.thoughtworks.xstream:xstream (Maven) May 29, 2019
mmabdpr MarkLee131
Apache StreamPark: Authenticated system users could trigger remote command execution Critical
CVE-2023-49898 was published for org.apache.streampark:streampark (Maven) Dec 15, 2023
Bash command injection in Apache Zeppelin Critical
CVE-2019-10095 was published for org.apache.zeppelin:zeppelin (Maven) Sep 7, 2021
Apache Kylin vulnerable to remote code execution Critical
CVE-2022-24697 was published for org.apache.kylin:kylin-core-common (Maven) Jul 6, 2023
Command injection in Apache Maven maven-shared-utils Critical
CVE-2022-29599 was published for org.apache.maven.shared:maven-shared-utils (Maven) May 24, 2022
Apache Kylin vulnerable to Command injection by Diagnosis Controller Critical
CVE-2022-44621 was published for org.apache.kylin:kylin-server-base (Maven) Dec 30, 2022
Command injection in itext7-core Critical
CVE-2021-43113 was published for com.itextpdf:itext7-core (Maven) Dec 16, 2021
Command injection in Apache DolphinScheduler Alert Plugins Critical
CVE-2022-45462 was published for org.apache.dolphinscheduler:dolphinscheduler-alert-plugins (Maven) Nov 23, 2022
ProTip! Advisories are also available from the GraphQL API