GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,635
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+

2,989 advisories

A vulnerability in the processing of boot options of specific Cisco IOS XE Software switches...
High | Unreviewed | CVE-2020-3207 was published May 24, 2022

A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote...
High | Unreviewed | CVE-2020-3212 was published May 24, 2022

A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote...
High | Unreviewed | CVE-2020-3211 was published May 24, 2022

A vulnerability in the CLI parsers of Cisco IOS Software for Cisco 809 and 829 Industrial...
High | Unreviewed | CVE-2020-3210 was published May 24, 2022

A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local...
High | Unreviewed | CVE-2019-16011 was published May 24, 2022

Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability...
Moderate | Unreviewed | CVE-2019-17101 was published May 24, 2022

iCatch DVR do not validate function parameter properly, resulting attackers executing arbitrary...
Moderate | Unreviewed | CVE-2020-10514 was published May 24, 2022

In ksh version 20120801, a flaw was found in the way it evaluates certain environment variables....
High | Unreviewed | CVE-2019-14868 was published May 24, 2022

The web interface of the Vertiv Avocent UMG-4000 version 4.2.1.19 is vulnerable to command...
High | Unreviewed | CVE-2019-9507 was published May 24, 2022

The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a...
Moderate | Unreviewed | CVE-2020-6811 was published May 24, 2022

/cgi-bin/activate.cgi on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows...
High | Unreviewed | CVE-2020-10826 was published May 24, 2022

A vulnerability in the CLI of Cisco SD-WAN Solution software could allow an authenticated, local...
High | Unreviewed | CVE-2020-3266 was published May 24, 2022

A vulnerability in the web UI of Cisco SD-WAN Solution vManage software could allow an...
High | Unreviewed | CVE-2019-16012 was published May 24, 2022

In GraphicsMagick before 1.3.32, the text filename component allows remote attackers to read...
Moderate | Unreviewed | CVE-2019-12921 was published May 24, 2022

SaltStack Salt is vulnerable to command injection
Critical | CVE-2019-17361 was published for salt (pip) May 24, 2022

This command injection vulnerability in Music Station allows attackers to execute commands on the...
Critical | Unreviewed | CVE-2018-0729 was published May 24, 2022

A privilege escalation exists in UniFi Video Controller =<3.10.6 that would allow an attacker on...
High | Unreviewed | CVE-2019-15595 was published May 24, 2022

There is an OS Command Injection in Nexus Repository Manager <= 2.14.14 (bypass CVE-2019-5475)...
High | Unreviewed | CVE-2019-15588 was published May 24, 2022

The 7520V3V1.0.0B09P27 version, and all earlier versions of ZTE product ZX297520V3 are impacted...
High | Unreviewed | CVE-2019-3421 was published May 24, 2022

Aruba Instant 4.x prior to 6.4.4.8-4.2.4.12, 6.5.x prior to 6.5.4.11, 8.3.x prior to 8.3.0.6, and...
High | Unreviewed | CVE-2018-16417 was published May 24, 2022

A security vulnerability exists in Zingbox Inspector version 1.293 and earlier, that allows for...
Critical | Unreviewed | CVE-2019-1584 was published May 24, 2022

JetBrains Ktor framework before 1.2.0-rc does not sanitize the username provided by the user for...
Critical | Unreviewed | CVE-2019-12736 was published May 24, 2022

CF UAA versions prior to 74.1.0 can request scopes for a client that shouldn't be allowed by...
High | Unreviewed | CVE-2019-11279 was published May 24, 2022

CF UAA versions prior to 74.1.0, allow external input to be directly queried against. A remote...
High | Unreviewed | CVE-2019-11278 was published May 24, 2022

A vulnerability in a Virtualization Manager (VMAN) related CLI command of Cisco IOS XE Software...
High | Unreviewed | CVE-2019-12661 was published May 24, 2022

ProTip! Advisories are also available from the GraphQL API