GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,278 advisories
An issue was discovered in EMC RecoverPoint for Virtual Machines versions prior to 5.1.1, EMC...
High | Unreviewed | CVE-2018-1185 was published May 13, 2022
freeciv 2.2 before 2.2.1 and 2.3 before 2.3.0 allows attackers to read arbitrary files or execute...
High | Unreviewed | CVE-2010-2445 was published May 13, 2022
The Plainview Activity Monitor plugin before 20180826 for WordPress is vulnerable to OS command...
High | Unreviewed | CVE-2018-15877 was published May 13, 2022
A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker to inject...
High | Unreviewed | CVE-2019-1745 was published May 13, 2022
Proxifier for Mac before 2.19.2, when first run, allows local users to gain privileges by...
High | Unreviewed | CVE-2017-7690 was published May 13, 2022
gitnote 3.1.0 allows remote attackers to execute arbitrary code via a crafted Markdown file, as...
High | Unreviewed | CVE-2019-9785 was published May 13, 2022
The _httpsrequest function (Snoopy/Snoopy.class.php) in Snoopy 1.2.3 and earlier, as used in (1)...
High | Unreviewed | CVE-2008-4796 was published May 13, 2022
GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function...
High | Unreviewed | CVE-2014-7169 was published May 13, 2022
GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of...
High | Unreviewed | CVE-2014-6278 was published May 13, 2022
runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to...
High | Unreviewed | CVE-2019-5736 was published May 13, 2022
trixbox 2.8.0.4 has OS command injection via shell metacharacters in the lang parameter to /maint...
High | Unreviewed | CVE-2017-14535 was published May 13, 2022
** DISPUTED ** In PostgreSQL 9.3 through 11.2, the "COPY TO/FROM PROGRAM" function allows...
High | Unreviewed | CVE-2019-9193 was published May 13, 2022
An exploitable command injection vulnerability exists in the gplotMakeOutput function of...
High | Unreviewed | CVE-2018-3836 was published May 13, 2022
An exploitable code execution vulnerability exists in the cloud OTA setup functionality of Yi...
High | Unreviewed | CVE-2018-3910 was published May 13, 2022
An exploitable command injection vulnerability exists in the measurementBitrateExec functionality...
High | Unreviewed | CVE-2018-3937 was published May 13, 2022
Devices in the Linksys ESeries line of routers (Linksys E1200 Firmware Version 2.0.09 and Linksys...
High | Unreviewed | CVE-2018-3954 was published May 13, 2022
Devices in the Linksys ESeries line of routers (Linksys E1200 Firmware Version 2.0.09 and Linksys...
High | Unreviewed | CVE-2018-3953 was published May 13, 2022
An exploitable operating system command injection exists in the Linksys ESeries line of routers ...
High | Unreviewed | CVE-2018-3955 was published May 13, 2022
An exploitable code execution vulnerability exists in the connect functionality of NordVPN 6.14...
High | Unreviewed | CVE-2018-3952 was published May 13, 2022
An exploitable vulnerability exists in the verified boot protection of the CUJO Smart Firewall....
High | Unreviewed | CVE-2018-3969 was published May 13, 2022
An exploitable code execution vulnerability exists in the connect functionality of ProtonVPN VPN...
High | Unreviewed | CVE-2018-4010 was published May 13, 2022
An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE...
High | Unreviewed | CVE-2018-4019 was published May 13, 2022
An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE...
High | Unreviewed | CVE-2018-4020 was published May 13, 2022
An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE...
High | Unreviewed | CVE-2018-4021 was published May 13, 2022
An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR...
High | Unreviewed | CVE-2017-12120 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.