Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,992
Erlang
39
GitHub Actions
38
Go
2,634
Maven
5,000+
npm
4,259
NuGet
760
pip
4,052
Pub
12
RubyGems
955
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

134 advisories

Loading
Dolibarr authenticated Remote Code Execution High
CVE-2020-35136 was published for dolibarr/dolibarr (Composer) May 24, 2022
A vulnerability in the remote management feature of Cisco SD-WAN vManage Software could allow an... High Unreviewed
CVE-2020-27129 was published May 24, 2022
Improper neutralization of argument delimiters in a command in Nagios XI 5.7.3 allows a remote,... High Unreviewed
CVE-2020-5792 was published May 24, 2022
aaPanel through 6.6.6 allows remote authenticated users to execute arbitrary commands via the... High Unreviewed
CVE-2020-14421 was published May 24, 2022
In RAONWIZ K Upload v2018.0.2.51 and prior, automatic update processing without integrity check... High Unreviewed
CVE-2020-7808 was published May 24, 2022
rcube_image.php in Roundcube Webmail before 1.4.4 allows attackers to execute arbitrary code via... High Unreviewed
CVE-2020-12641 was published May 24, 2022
An exploitable privilege escalation vulnerability exists in the Wacom, driver version 6.3.32-3,... High Unreviewed
CVE-2019-5012 was published May 24, 2022
An exploitable privilege escalation vulnerability exists in the Wacom, driver version 6.3.32-3,... High Unreviewed
CVE-2019-5013 was published May 24, 2022
rustls-mio/examples/tlsserver.rs in the rustls crate before 0.16.0 for Rust allows attackers to... High Unreviewed
CVE-2019-15541 was published May 24, 2022
cgi-bin/cmh/webcam.sh in Vera Edge Home Controller 1.7.4452 allows remote unauthenticated users... High Unreviewed
CVE-2019-15498 was published May 24, 2022
Wind River VxWorks 6.6, 6.7, 6.8, 6.9.3, 6.9.4, and Vx7 has Incorrect Access Control in IPv4... High Unreviewed
CVE-2019-12264 was published May 24, 2022
In MobaXterm 11.1, the mobaxterm: URI handler has an argument injection vulnerability that allows... High Unreviewed
CVE-2019-13475 was published May 24, 2022
An argument injection vulnerability in Atlassian Sourcetree for Windows's URI handlers, in all... High Unreviewed
CVE-2019-11582 was published May 24, 2022
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an... High Unreviewed
CVE-2019-1780 was published May 24, 2022
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an... High Unreviewed
CVE-2019-1795 was published May 24, 2022
A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an... High Unreviewed
CVE-2019-1779 was published May 24, 2022
kernel/omap/drivers/mfd/twl6030-gpadc.c in the kernel component in Amazon Kindle Fire HD(3rd)... High Unreviewed
CVE-2018-11025 was published May 14, 2022
kernel/omap/drivers/misc/gcx/gcioctl/gcif.c in the kernel component in Amazon Kindle Fire HD (3rd... High Unreviewed
CVE-2018-11023 was published May 14, 2022
kernel/omap/drivers/misc/gcx/gcioctl/gcif.c in the kernel component in Amazon Kindle Fire HD (3rd... High Unreviewed
CVE-2018-11024 was published May 14, 2022
kernel/omap/drivers/misc/gcx/gcioctl/gcif.c in the kernel component in Amazon Kindle Fire HD(3rd)... High Unreviewed
CVE-2018-11022 was published May 14, 2022
kernel/omap/drivers/video/omap2/dsscomp/device.c in the kernel component in Amazon Kindle Fire HD... High Unreviewed
CVE-2018-11021 was published May 14, 2022
kernel/omap/drivers/misc/gcx/gcioctl/gcif.c in the kernel component in Amazon Kindle Fire HD(3rd)... High Unreviewed
CVE-2018-11019 was published May 14, 2022
Logstash prior to version 2.1.2, the CSV output can be attacked via engineered input that will... High Unreviewed
CVE-2016-1000222 was published May 14, 2022
There was an argument injection vulnerability in Atlassian Sourcetree for macOS from version 1.2... High Unreviewed
CVE-2018-20234 was published May 13, 2022
mIRC before 7.55 allows remote command execution by using argument injection through custom URI... High Unreviewed
CVE-2019-6453 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database