GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,989 advisories
Vulnerability in rconfig “date” enables an attacker with user level access to the CLI to inject...
High | Unreviewed | CVE-2022-24388 was published May 18, 2022

Vulnerability in Fidelis Network and Deception CommandPost enables authenticated command...
High | Unreviewed | CVE-2022-24392 was published May 18, 2022

Vulnerability in rconfig “remote_text_file” enables an attacker with user level access to the CLI...
High | Unreviewed | CVE-2022-24390 was published May 18, 2022

Vulnerability in Fidelis Network and Deception CommandPost enables authenticated command...
High | Unreviewed | CVE-2022-24393 was published May 18, 2022

Vulnerability in Fidelis Network and Deception CommandPost enables authenticated command...
High | Unreviewed | CVE-2022-24394 was published May 18, 2022

The remote administration interface in D-Link DIR-815 devices with firmware before 2.03.B02...
Critical | Unreviewed | CVE-2014-8888 was published May 17, 2022

LPAR2RRD ≤ 4.53 and ≤ 3.5 has arbitrary command injection on the application server.
High | Unreviewed | CVE-2014-4982 was published May 17, 2022

Cobbler subject to Command Injection
High | CVE-2012-2395 was published for cobbler (pip) May 17, 2022

The CreateProcess method in the BWOCXRUN.BwocxrunCtrl.1 ActiveX control in bwocxrun.ocx in...
High | Unreviewed | CVE-2014-0773 was published May 17, 2022

Improper Neutralization of Special Elements used in a Command in FitNesse Wiki
High | CVE-2014-1216 was published for org.fitnesse:fitnesse (Maven) May 17, 2022

The web interface in BitTorrent allows remote attackers to execute arbitrary commands by...
Moderate | Unreviewed | CVE-2014-8515 was published May 17, 2022

git_http_controller.rb in the redmine_git_hosting plugin for Redmine allows remote attackers to...
High | Unreviewed | CVE-2013-4663 was published May 17, 2022

Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7...
High | Unreviewed | CVE-2014-9188 was published May 17, 2022

Unrestricted file upload vulnerability in ls/vw_snapshots.php in the VideoWhisper Live Streaming...
High | Unreviewed | CVE-2014-1905 was published May 17, 2022

cgi-bin/iptablesgui.cgi in IPCop (aka IPCop Firewall) before 2.1.5 allows remote authenticated...
Moderate | Unreviewed | CVE-2013-7418 was published May 17, 2022

The wfMangleFlashPolicy function in OutputHandler.php in MediaWiki before 1.19.22, 1.20.x through...
High | Unreviewed | CVE-2014-9277 was published May 17, 2022

Common LaTeX Service Interface (CLSI) before 0.1.3, as used in ShareLaTeX before 0.1.3, allows...
Moderate | Unreviewed | CVE-2015-0934 was published May 17, 2022

The saveObject function in moadmin.php in phpMoAdmin 1.1.2 allows remote attackers to execute...
High | Unreviewed | CVE-2015-2208 was published May 17, 2022

cloner.functions.php in the XCloner plugin 3.1.2 for WordPress allows remote authenticated users...
Moderate | Unreviewed | CVE-2015-4336 was published May 17, 2022

The log-gather implementation in the web administration interface in EMC Isilon OneFS 6.5.x.x...
High | Unreviewed | CVE-2015-4525 was published May 17, 2022

BitTorrent and uTorrent allow remote attackers to inject command line parameters and execute...
High | Unreviewed | CVE-2015-5474 was published May 17, 2022

The pcsd web UI in PCS 0.9.139 and earlier allows remote authenticated users to execute arbitrary...
High | Unreviewed | CVE-2015-5190 was published May 17, 2022

rubygem-openshift-origin-console in Red Hat OpenShift 2.2 allows remote authenticated users to...
Moderate | Unreviewed | CVE-2015-5274 was published May 17, 2022

The xmlrpc.cgi Webmin script in IBM QRadar SIEM 7.1 MR2 before Patch 11 IF02 and 7.2.x before 7.2...
High | Unreviewed | CVE-2015-2011 was published May 17, 2022

SolarWinds Log and Event Manager (LEM) allows remote attackers to execute arbitrary commands on...
High | Unreviewed | CVE-2015-7839 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.