Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,989 advisories

Loading
Multiple vulnerabilities in the web-based user interface (Web UI) of Cisco IOS XE Software could... High Unreviewed
CVE-2019-12650 was published May 24, 2022
Multiple vulnerabilities in the web-based user interface (Web UI) of Cisco IOS XE Software could... High Unreviewed
CVE-2019-12651 was published May 24, 2022
In WebAccess versions 8.4.1 and prior, multiple command injection vulnerabilities are caused by a... High Unreviewed
CVE-2019-13552 was published May 24, 2022
Total.js CMS RCE Vulnerability Critical
CVE-2019-15954 was published for total4 (npm) May 24, 2022
Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a command injection... High Unreviewed
CVE-2019-7989 was published May 24, 2022
Adobe Photoshop CC versions 19.1.8 and earlier and 20.0.5 and earlier have a command injection... Critical Unreviewed
CVE-2019-7968 was published May 24, 2022
Adobe Acrobat and Reader versions , 2019.012.20035 and earlier, 2019.012.20035 and earlier, 2017... Critical Unreviewed
CVE-2019-8060 was published May 24, 2022
The web-based configuration interface of the TP-Link M7350 V3 with firmware before 190531 is... High Unreviewed
CVE-2019-12104 was published May 24, 2022
NCSOFT Game Launcher, NC Launcher2 2.4.1.691 and earlier versions have a vulnerability in the... High Unreviewed
CVE-2019-12805 was published May 24, 2022
In radare2 before 3.7.0, a command injection vulnerability exists in bin_symbols() in libr/core... High Unreviewed
CVE-2019-14745 was published May 24, 2022
cPanel before 64.0.21 allows demo accounts to execute Cpanel::SPFUI API commands (SEC-246). Moderate Unreviewed
CVE-2017-18442 was published May 24, 2022
cPanel before 68.0.15 allows local root code execution via cpdavd (SEC-333). High Unreviewed
CVE-2017-18400 was published May 24, 2022
cPanel before 11.54.0.4 allows code execution in the context of shared users via JSON-API (SEC-76). High Unreviewed
CVE-2016-10843 was published May 24, 2022
cPanel before 11.54.0.4 allows certain file-chmod operations in scripts/secureit (SEC-82). Moderate Unreviewed
CVE-2016-10849 was published May 24, 2022
CImg The CImg Library v.2.3.3 and earlier is affected by: command injection. The impact is: RCE.... Critical Unreviewed
CVE-2019-1010174 was published May 24, 2022
Command Injection in EdgeMAX EdgeSwitch prior to 1.8.2 allow an Admin user to execute commands as... High Unreviewed
CVE-2019-5446 was published May 24, 2022
On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.5, 13.0.0-13.1.1.4, 12.1.0-12.1.4.1, and 11.5.1-11.6.4,... High Unreviewed
CVE-2019-6622 was published May 24, 2022
An issue was discovered on D-Link DCS-1130 devices. The device provides a user with the... High Unreviewed
CVE-2017-8411 was published May 24, 2022
An issue was discovered on D-Link DCS-1130 devices. The device provides a user with the... Critical Unreviewed
CVE-2017-8408 was published May 24, 2022
An issue was discovered on D-Link DCS-1100 and DCS-1130 devices. The device runs a custom daemon... High Unreviewed
CVE-2017-8413 was published May 24, 2022
An issue was discovered on D-Link DCS-1130 devices. The device provides a user with the... Critical Unreviewed
CVE-2017-8404 was published May 24, 2022
A vulnerability in the vManage web-based UI (Web UI) in the Cisco SD-WAN Solution could allow an... High Unreviewed
CVE-2019-1624 was published May 24, 2022
An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL... High Unreviewed
CVE-2017-8331 was published May 24, 2022
An issue was discovered on Securifi Almond, Almond+, and Almond 2015 devices with firmware AL... High Unreviewed
CVE-2017-8333 was published May 24, 2022
A command injection can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX) 5.4.0... High Unreviewed
CVE-2018-19450 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database