Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,264
NuGet
760
pip
4,060
Pub
12
RubyGems
956
Rust
1,056
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,279 advisories

Loading
For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, when joining a... High Unreviewed
CVE-2018-9075 was published May 13, 2022
For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, when changing... High Unreviewed
CVE-2018-9076 was published May 13, 2022
In Vecna VGo Robot versions prior to 3.0.3.52164, an attacker on an adjacent network could... High Unreviewed
CVE-2018-8866 was published May 13, 2022
VMware NSX SD-WAN Edge by VeloCloud prior to version 3.1.0 contains a command injection... High Unreviewed
CVE-2018-6961 was published May 13, 2022
The setSystemTime function in Foscam Cameras C1 Lite V3, and C1 V3 with firmware 2.82.2.33 and... High Unreviewed
CVE-2018-6831 was published May 13, 2022
An issue was discovered in soliduiserver/deviceserviceaction.cpp in KDE Plasma Workspace before 5... High Unreviewed
CVE-2018-6791 was published May 13, 2022
Arbitrary logs location in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to... High Unreviewed
CVE-2018-6222 was published May 13, 2022
Multiple command injection vulnerabilities in NeDi before 1.7Cp3 allow authenticated users to... High Unreviewed
CVE-2018-20727 was published May 13, 2022
An issue was discovered in MISP 2.4.9x before 2.4.99. In app/Model/Event.php (the STIX 1 import... High Unreviewed
CVE-2018-19908 was published May 13, 2022
The remote upgrade feature in Guardzilla GZ180 devices allow command injection via a crafted new... High Unreviewed
CVE-2018-18600 was published May 13, 2022
A command injection vulnerability in the setup API in the Neato Botvac Connected 2.2.0 allows... High Unreviewed
CVE-2018-18638 was published May 13, 2022
The Port Forwarding functionality on DASAN H660GW devices allows remote attackers to execute... High Unreviewed
CVE-2018-17867 was published May 13, 2022
Linksys Velop 1.1.2.187020 devices allow unauthenticated command injection, providing an attacker... High Unreviewed
CVE-2018-17208 was published May 13, 2022
An issue was discovered in mgetty before 1.2.1. In fax/faxq-helper.c, the function do_activate()... High Unreviewed
CVE-2018-16741 was published May 13, 2022
LINK-NET LW-N605R devices with firmware 12.20.2.1486 allow Remote Code Execution via shell... High Unreviewed
CVE-2018-16752 was published May 13, 2022
An issue was discovered in mgetty before 1.2.1. In fax_notify_mail() in faxrec.c, the mail_to... High Unreviewed
CVE-2018-16744 was published May 13, 2022
An authenticated command injection vulnerability exists in IPFire Firewall before 2.21 Core... High Unreviewed
CVE-2018-16232 was published May 13, 2022
The web management console of Opsview Monitor 5.4.x before 5.4.2 provides functionality... High Unreviewed
CVE-2018-16146 was published May 13, 2022
In System Management Module (SMM) versions prior to 1.06, the SMM certificate creation and... High Unreviewed
CVE-2018-16090 was published May 13, 2022
In System Management Module (SMM) versions prior to 1.06, a field in the header of SMM firmware... High Unreviewed
CVE-2018-16089 was published May 13, 2022
System command injection in request_mitv in Xiaomi Mi Router 3 version 2.22.15 allows attackers... High Unreviewed
CVE-2018-16130 was published May 13, 2022
An authenticated command injection vulnerability exists in status_interfaces.php via... High Unreviewed
CVE-2018-16055 was published May 13, 2022
Nagios XI 5.5.6 allows local authenticated attackers to escalate privileges to root via... High Unreviewed
CVE-2018-15710 was published May 13, 2022
Nagios XI 5.5.6 allows remote authenticated attackers to reset and regenerate the API key of more... High Unreviewed
CVE-2018-15711 was published May 13, 2022
Nagios XI 5.5.6 allows remote authenticated attackers to execute arbitrary commands via a crafted... High Unreviewed
CVE-2018-15709 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database