GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,579
Composer 4,205
Erlang 31
GitHub Actions 19
Go 1,986
Maven 5,169
npm 3,703
NuGet 661
pip 3,329
Pub 11
RubyGems 884
Rust 844
Swift 36

Unreviewed advisories

All unreviewed 234,114

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

321 advisories

Filter by severity

Sort by

Least recently updated

lib/ajaxHandlers/ajaxAddTemplate.php in rConfig through 3.94 allows remote attackers to execute... Moderate Unreviewed

CVE-2020-10221 was published May 24, 2022

A remote authenticated SQL Injection vulnerabilitiy was discovered in Aruba ClearPass Policy... Moderate Unreviewed

CVE-2021-26685 was published May 24, 2022

GigaCC OFFICE ver.2.3 and earlier allows remote attackers to execute arbitrary OS commands via... Moderate Unreviewed

CVE-2016-7844 was published May 17, 2022

Cisco TelePresence endpoints running either CE or TC software contain a vulnerability that could... Moderate Unreviewed

CVE-2016-6459 was published May 17, 2022

A vulnerability in a startup script of Cisco IOS XE Software could allow an unauthenticated... Moderate Unreviewed

CVE-2017-6606 was published May 17, 2022

A vulnerability in CLI command processing in the Cisco Firepower 4100 Series Next-Generation... Moderate Unreviewed

CVE-2017-3806 was published May 17, 2022

WNC01WH firmware 1.0.0.9 and earlier allows authenticated attackers to execute arbitrary OS... Moderate Unreviewed

CVE-2017-2152 was published May 17, 2022

Dell EMC PowerStore, contains an OS command injection Vulnerability. A locally authenticated... Moderate Unreviewed

CVE-2022-22555 was published Jul 22, 2022

IBM CICS TX 11.1 could allow allow an attacker with physical access to the system to execute code... Moderate Unreviewed

CVE-2022-33955 was published Aug 2, 2022

Buffalo network devices WSR-3200AX4S firmware Ver. 1.26 and earlier, WSR-3200AX4B firmware Ver. 1... Moderate Unreviewed

CVE-2022-43466 was published Dec 19, 2022

McAfee Enterprise Security Manager (ESM), Enterprise Security Manager/Log Manager (ESMLM), and... Moderate Unreviewed

CVE-2015-7310 was published May 17, 2022

A local file script in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2... Moderate Unreviewed

CVE-2015-4330 was published May 17, 2022

A vulnerability in the self-healing functionality of Cisco IOS XE Software for Embedded Wireless... Moderate Unreviewed

CVE-2022-20855 was published Oct 1, 2022

OCS Inventory NG 2.7 allows Remote Command Execution via shell metacharacters to require... Moderate Unreviewed

CVE-2020-14947 was published May 24, 2022

baserCMS 3.0.2 through 3.0.8 allows remote authenticated users to execute arbitrary OS commands... Moderate Unreviewed

CVE-2015-7769 was published May 17, 2022

KDDI HOME SPOT CUBE devices before 2 allow remote authenticated users to execute arbitrary OS... Moderate Unreviewed

CVE-2016-1141 was published May 17, 2022

An unspecified script in the web interface in Cisco Firepower Extensible Operating System 1.1(1... Moderate Unreviewed

CVE-2015-6380 was published May 17, 2022

PC-EGG pWebManager before 3.3.10, and before 2.2.2 for PHP 4.x, allows remote authenticated users... Moderate Unreviewed

CVE-2015-7774 was published May 17, 2022

eventapp/lib/gcloud.rb in the ISUCON5 qualifier portal (aka eventapp) web application before 2015... Moderate Unreviewed

CVE-2015-5673 was published May 17, 2022

ASUS JAPAN RT-AC87U routers with firmware 3.0.0.4.378.3754 and earlier, RT-AC68U routers with... Moderate Unreviewed

CVE-2014-7269 was published May 17, 2022

Usermin before 1.600 allows remote attackers to execute arbitrary operating-system commands via... Moderate Unreviewed

CVE-2014-3883 was published May 17, 2022

The commandline interface in Blue Coat Content Analysis System (CAS) 1.1 before 1.1.4.2 allows... Moderate Unreviewed

CVE-2014-2565 was published May 17, 2022

The fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to... Moderate Unreviewed

CVE-2012-4108 was published May 17, 2022

The DrayTek Vigor 2700 router 2.8.3 allows remote attackers to execute arbitrary JavaScript code,... Moderate Unreviewed

CVE-2013-5703 was published May 17, 2022

It was found that cifs-utils' mount.cifs was invoking a shell when requesting the Samba password,... Moderate Unreviewed

CVE-2020-14342 was published May 24, 2022

Previous 1 2 3 4 5 … 12 13 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

321 advisories