GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,279 advisories
webglimpse.cgi in Webglimpse before 2.20.0 allows remote attackers to execute arbitrary commands...
High | Unreviewed | CVE-2012-1795 was published May 14, 2022

cgi-bin/write.cgi in Anti-Web through 3.8.7, as used on NetBiter / HMS, Ouman EH-net, Alliance...
High | Unreviewed | CVE-2017-17888 was published May 14, 2022

Linux Dash up to version v2 is vulnerable to multiple command injection vulnerabilities in the...
High | Unreviewed | CVE-2017-1000473 was published May 14, 2022

diag_ping.cmd on D-Link DSL-2640U devices with firmware IM_1.00 and ME_1.00, and DSL-2540U...
High | Unreviewed | CVE-2018-5371 was published May 14, 2022

pfSense before 2.3 allows remote authenticated users to execute arbitrary OS commands via a '|'...
High | Unreviewed | CVE-2016-10709 was published May 14, 2022

Arbitrary shell command execution in Jenkins EC2 Plugin
High | CVE-2017-1000502 was published for org.jenkins-ci.plugins:ec2 (Maven) May 14, 2022

iBall iB-WRA150N 1.2.6 build 110401 Rel.47776n devices allow remote authenticated users to...
High | Unreviewed | CVE-2018-6388 was published May 14, 2022

The Python console in Electrum through 2.9.4 and 3.x through 3.0.5 supports arbitrary Python code...
High | Unreviewed | CVE-2018-6353 was published May 14, 2022

OpenEMR version 5.0.0 contains an OS Command Injection vulnerability in fax_dispatch.php that can...
High | Unreviewed | CVE-2018-1000019 was published May 14, 2022

Devices with IP address setting tool "MagicalFinder" provided by I-O DATA DEVICE, INC. allow...
High | Unreviewed | CVE-2018-0512 was published May 14, 2022

Ruckus Networks Unleashed AP firmware releases before 200.6.10.1.x and Ruckus Networks Zone...
High | Unreviewed | CVE-2017-6229 was published May 14, 2022

In app/Controller/ServersController.php in MISP 2.4.87, a server setting permitted the override...
High | Unreviewed | CVE-2018-6926 was published May 14, 2022

Ruckus Networks Solo APs firmware releases R110.x or before and Ruckus Networks SZ managed APs...
High | Unreviewed | CVE-2017-6230 was published May 14, 2022

IBM BigFix Platform 9.0, 9.1 before 9.1.8, and 9.2 before 9.2.8 allow remote authenticated users...
High | Unreviewed | CVE-2016-0291 was published May 14, 2022

Remote code execution vulnerability in /cmsms-2.1.6-install.php/index.php in CMS Made Simple...
High | Unreviewed | CVE-2018-7448 was published May 14, 2022

Vesta Control Panel before 0.9.8-14 allows remote authenticated users to execute arbitrary...
High | Unreviewed | CVE-2015-4117 was published May 14, 2022

Buffalo WXR-1900DHP2 firmware Ver.2.48 and earlier allows an attacker to execute arbitrary OS...
High | Unreviewed | CVE-2018-0523 was published May 14, 2022

Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to execute arbitrary OS commands via...
High | Unreviewed | CVE-2018-0556 was published May 14, 2022

Silex SD-320AN version 2.01 and prior and GE MobileLink(GEH-SD-320AN) version GEH-1.1 and prior...
High | Unreviewed | CVE-2018-6021 was published May 14, 2022

GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of...
High | Unreviewed | CVE-2014-6277 was published May 14, 2022

On D-Link DIR-620 devices with a certain customized (by ISP) variant of firmware 1.0.3, 1.0.37, 1...
High | Unreviewed | CVE-2018-6211 was published May 14, 2022

Ubiquiti Networks EdgeSwitch version 1.7.3 and prior suffer from an improperly neutralized...
High | Unreviewed | CVE-2018-12591 was published May 14, 2022

index.php in Softaculous Webuzo before 2.1.4 allows remote attackers to execute arbitrary...
High | Unreviewed | CVE-2013-6041 was published May 14, 2022

AVM Fritz!Box allows remote attackers to execute arbitrary commands via shell metacharacters in...
High | Unreviewed | CVE-2014-9727 was published May 14, 2022

OS Command Injection in baserCMS
High | CVE-2018-0569 was published for baserproject/basercms (Composer) May 14, 2022