GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
4,102 advisories
getresetstatus in dns/views.py and ftp/views.py in CyberPanel (aka Cyber Panel) before 1c0c6cb...
Critical
Unreviewed
CVE-2024-51378
was published
Oct 30, 2024
Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow...
Critical
Unreviewed
CVE-2021-1498
was published
May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow...
Critical
Unreviewed
CVE-2021-1497
was published
May 24, 2022
The postjournal service in Zimbra Collaboration (ZCS) before 8.8.15 Patch 46, 9 before 9.0.0...
Critical
Unreviewed
CVE-2024-45519
was published
Oct 3, 2024
Accellion FTA 9_12_370 and earlier is affected by OS command execution via a crafted POST request...
Critical
Unreviewed
CVE-2021-27104
was published
May 24, 2022
D-Link DNS-320 FW v2.06B01 Revision Ax is affected by command injection in the system_mgr.cgi...
Critical
Unreviewed
CVE-2020-25506
was published
May 24, 2022
PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an OS command injection issue....
High
Unreviewed
CVE-2024-8957
was published
Sep 17, 2024
An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518...
High
Unreviewed
CVE-2024-8190
was published
Sep 10, 2024
On DrayTek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1, cgi-bin/mainfunction.cgi...
High
Unreviewed
CVE-2020-15415
was published
May 24, 2022
An OS command injection vulnerability exists in AE1021PE firmware version 2.0.9 and earlier and...
High
Unreviewed
CVE-2023-49897
was published
Dec 6, 2023
Improper neutralization of special elements in the SMA100 SSL-VPN management interface allows a...
High
Unreviewed
CVE-2023-44221
was published
Dec 5, 2023
Pi-hole Web v4.3.2 (aka AdminLTE) allows Remote Code Execution by privileged dashboard users via...
Moderate
Unreviewed
CVE-2020-8816
was published
May 24, 2022
The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers...
High
Unreviewed
CVE-2020-10987
was published
May 24, 2022
DrayTek Vigor2960 1.3.1_Beta; Vigor3900 1.4.4_Beta; and Vigor300B 1.3.3_Beta, 1.4.2.1_Beta, and 1...
High
Unreviewed
CVE-2020-8515
was published
May 24, 2022
D-Link DWL-2600AP 4.2.0.15 Rev A devices have an authenticated OS command injection vulnerability...
High
Unreviewed
CVE-2019-20500
was published
May 24, 2022
Netis WF2419 is vulnerable to authenticated Remote Code Execution (RCE) as root through the...
High
Unreviewed
CVE-2019-19356
was published
May 24, 2022
lib/ajaxHandlers/ajaxAddTemplate.php in rConfig through 3.94 allows remote attackers to execute...
Moderate
Unreviewed
CVE-2020-10221
was published
May 24, 2022
smtp_mailaddr in smtp_session.c in OpenSMTPD 6.6, as used in OpenBSD 6.6 and other products,...
High
Unreviewed
CVE-2020-7247
was published
May 24, 2022
Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.21 contain a pre...
High
Unreviewed
CVE-2020-9054
was published
May 24, 2022
NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote...
Critical
Unreviewed
CVE-2023-43208
was published
Oct 26, 2023
setSystemCommand on D-Link DCS-930L devices before 2.12 allows a remote attacker to execute code...
High
Unreviewed
CVE-2016-11021
was published
May 24, 2022
A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate...
High
Unreviewed
CVE-2020-0646
was published
May 24, 2022
Unauthenticated remote code execution occurs in D-Link products such as DIR-655C, DIR-866L, DIR...
Critical
Unreviewed
CVE-2019-16920
was published
May 24, 2022
A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient...
Critical
Unreviewed
CVE-2019-10149
was published
May 24, 2022
An issue was discovered in Webmin through 1.920. The parameter old in password_change.cgi...
Critical
Unreviewed
CVE-2019-15107
was published
May 24, 2022