GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,534 advisories
CVE-2016-2002 (Critical, Unreviewed; published May 14, 2022): The validateAdminConfig handler in the Analytics Management Console in HPE Vertica 7.0.x before 7...
CVE-2019-6272 (High, Unreviewed; published May 14, 2022): Command injection vulnerability in login_cgi in GL.iNet GL-AR300M-Lite devices with firmware 2.27...
CVE-2019-6275 (High, Unreviewed; published May 14, 2022): Command injection vulnerability in firmware_cgi in GL.iNet GL-AR300M-Lite devices with firmware 2...
CVE-2019-9059 (High, Unreviewed; published May 14, 2022): An issue was discovered in CMS Made Simple 2.2.8. It is possible, with an administrator account,...
CVE-2015-4852 (High, Unreviewed; published May 14, 2022): The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0...
CVE-2019-9743 (High, Unreviewed; published May 14, 2022): An issue was discovered on PHOENIX CONTACT RAD-80211-XD and RAD-80211-XD/HP-BUS devices. Command...
CVE-2016-1555 (Critical, Unreviewed; published May 14, 2022): (1) boardData102.php, (2) boardData103.php, (3) boardDataJP.php, (4) boardDataNA.php, and (5)...
CVE-2014-5220 (High, Unreviewed; published May 14, 2022): The mdcheck script of the mdadm package for openSUSE 13.2 prior to version 3.3.1-5.14.1 does not...
CVE-2019-7610 (Critical, Unreviewed; published May 14, 2022): Kibana versions before 6.6.1 contain an arbitrary code execution flaw in the security audit...
CVE-2018-8306 (Moderate, Unreviewed; published May 13, 2022): A command injection vulnerability exists in the Microsoft Wireless Display Adapter (MWDA) when...
CVE-2018-7785 (Critical, Unreviewed; published May 13, 2022): In Schneider Electric U.motion Builder software versions prior to v1.3.4, a remote command...
CVE-2018-20236 (High, Unreviewed; published May 13, 2022): There was a command injection vulnerability in Sourcetree for Windows from version 0.5a before...
CVE-2018-17445 (Critical, Unreviewed; published May 13, 2022): A Command Injection issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x...
CVE-2018-17172 (Critical, Unreviewed; published May 13, 2022): The web application on Xerox AltaLink B80xx before 100.008.028.05200, C8030/C8035 before 100.001...
CVE-2018-15356 (High, Unreviewed; published May 13, 2022): An authenticated attacker can execute arbitrary code using command injection in Eltex ESP-200...
CVE-2018-14746 (Critical, Unreviewed; published May 13, 2022): Command Injection vulnerability in QTS 4.3.5 build 20181013, QTS 4.3.4 build 20181008, QTS 4.3.3...
CVE-2018-1111 (High, Unreviewed; published May 13, 2022): DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a...
CVE-2018-0718 (Critical, Unreviewed; published May 13, 2022): Command injection vulnerability in Music Station 5.1.2 and earlier versions in QNAP QTS 4.3.3 and...
CVE-2018-0714 (Critical, Unreviewed; published May 13, 2022): Command injection vulnerability in Helpdesk versions 1.1.21 and earlier in QNAP QTS 4.2.6 build...
CVE-2018-0712 (Critical, Unreviewed; published May 13, 2022): Command injection vulnerability in LDAP Server in QNAP QTS 4.2.6 build 20171208, QTS 4.3.3 build...
CVE-2017-7161 (High, Unreviewed; published May 13, 2022): An issue was discovered in certain Apple products. Safari before 11.0.2 is affected. The issue...
CVE-2017-6327 (High, Unreviewed; published May 13, 2022): The Symantec Messaging Gateway before 10.6.3-267 can encounter an issue of remote code execution,...
CVE-2017-15403 (High, Unreviewed; published May 13, 2022): Insufficient data validation in crosh could lead to a command injection under chronos privileges...
CVE-2017-12335 (Moderate, Unreviewed; published May 13, 2022): A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local...
CVE-2016-10329 (Critical, Unreviewed; published May 13, 2022): Command injection vulnerability in login.php in Synology Photo Station before 6.5.3-3226 allows...
ProTip! Advisories are also available from the GraphQL API.