Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,128
NuGet
735
pip
3,944
Pub
12
RubyGems
945
Rust
1,024
Swift
39
Unreviewed advisories
All unreviewed
5,000+

15,073 advisories

Loading
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations... Critical Unreviewed
CVE-2017-17415 was published May 13, 2022
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations... Critical Unreviewed
CVE-2017-17422 was published May 13, 2022
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations... Critical Unreviewed
CVE-2017-17417 was published May 13, 2022
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations... Critical Unreviewed
CVE-2017-17412 was published May 13, 2022
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations... Critical Unreviewed
CVE-2017-17421 was published May 13, 2022
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations... Critical Unreviewed
CVE-2017-17652 was published May 13, 2022
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations... Critical Unreviewed
CVE-2017-17657 was published May 13, 2022
A vulnerability in Cisco Unified Communications Manager 10.5(2.10000.5), 11.0(1.10000.10), and 11... High Unreviewed
CVE-2017-6757 was published May 13, 2022
A vulnerability in the web framework code of Cisco Integrated Management Controller (IMC)... Critical Unreviewed
CVE-2018-15447 was published May 13, 2022
A vulnerability in the web framework code of Cisco Prime License Manager (PLM) could allow an... Critical Unreviewed
CVE-2018-15441 was published May 13, 2022
Cloud Foundry CF Networking Release, versions 2.11.0 prior to 2.16.0, contain an internal api... High Unreviewed
CVE-2018-15755 was published May 13, 2022
The WP Custom Cursors WordPress plugin through 3.0 does not properly sanitise and escape a... High Unreviewed
CVE-2022-3150 was published Oct 17, 2022
A vulnerability in the web framework code for Cisco RV180W Wireless-N Multifunction VPN Router... High Unreviewed
CVE-2018-0404 was published May 13, 2022
IBM Maximo Asset Management 7.6 through 7.6.3 is vulnerable to SQL injection. A remote attacker... High Unreviewed
CVE-2018-1699 was published May 13, 2022
IBM Security Identity Governance and Intelligence 5.2.3.2 and 5.2.4 is vulnerable to SQL... High Unreviewed
CVE-2018-1756 was published May 13, 2022
IBM InfoSphere Information Server 11.5 and 11.7 is vulnerable to SQL injection. A remote attacker... Critical Unreviewed
CVE-2018-1994 was published May 13, 2022
A vulnerability in DB Manager version 3.0.1.0 and previous and PerformA version 3.0.0.0 and... Moderate Unreviewed
CVE-2018-10593 was published May 13, 2022
Rockwell Automation FactoryTalk VantagePoint versions 8.0, 8.10, 8.20, 8.30, 8.31 are vulnerable... High Unreviewed
CVE-2022-3158 was published Oct 18, 2022
RAVA certificate validation system has insufficient validation for user input. An unauthenticated... Critical Unreviewed
CVE-2022-39056 was published Oct 18, 2022
A SQL Injection issue was discovered in Advantech WebAccess/SCADA versions prior to V8.2_20170817... Moderate Unreviewed
CVE-2018-5443 was published May 13, 2022
Navarino Infinity web interface up to version 2.2 exposes an unauthenticated script that is prone... Critical Unreviewed
CVE-2018-5384 was published May 13, 2022
SQL Injection in HP Network Operations Management Ultimate, version 2017.07, 2017.11, 2018.02 and... High Unreviewed
CVE-2018-6493 was published May 13, 2022
SQL Injection exists in MailSherlock before 1.5.235 for OAKlouds allows an unauthenticated user... Moderate Unreviewed
CVE-2018-17542 was published May 13, 2022
An SQL injection vulnerability has been identified in Geutebruck G-Cam/EFD-2250 Version 1.12.0.4... Critical Unreviewed
CVE-2018-7528 was published May 13, 2022
NUUO CMS All versions 3.3 and prior the web server application allows injection of arbitrary SQL... High Unreviewed
CVE-2018-18982 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database