GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,989 advisories
Opmantek NMIS before 4.3.7c has command injection via man, finger, ping, trace, and nslookup in...
High | Unreviewed | CVE-2016-6534 was published May 17, 2022

Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Embedded_Ace_Set_Task.cgi command...
Critical | Unreviewed | CVE-2016-5065 was published May 17, 2022

Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Hayes AT command injection.
High | Unreviewed | CVE-2016-5067 was published May 17, 2022

Synology Photo Station before 6.3-2958 allows remote authenticated guest users to execute...
High | Unreviewed | CVE-2016-10322 was published May 17, 2022

The allow_execmod plugin for setroubleshoot before 3.2.23 allows local users to execute arbitrary...
High | Unreviewed | CVE-2016-4444 was published May 17, 2022

The fix_lookup_id function in sealert in setroubleshoot before 3.2.23 allows local users to...
High | Unreviewed | CVE-2016-4445 was published May 17, 2022

The allow_execstack plugin for setroubleshoot allows local users to execute arbitrary commands by...
High | Unreviewed | CVE-2016-4446 was published May 17, 2022

setroubleshoot allows local users to bypass an intended container protection mechanism and...
High | Unreviewed | CVE-2016-4989 was published May 17, 2022

In SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4, a menu system is encountered when...
Critical | Unreviewed | CVE-2017-7722 was published May 17, 2022

A command injection vulnerability in Juniper Networks NorthStar Controller Application prior to...
Moderate | Unreviewed | CVE-2017-2324 was published May 17, 2022

The devtools.sh script in AXIS network cameras allows remote authenticated users to execute...
High | Unreviewed | CVE-2015-8257 was published May 17, 2022

The asset discovery scanner in AlienVault OSSIM before 5.0.1 allows remote authenticated users to...
High | Unreviewed | CVE-2015-4046 was published May 17, 2022

In EMC VNX2 versions prior to OE for File 8.1.9.211 and VNX1 versions prior to OE for File 7.1.80...
Critical | Unreviewed | CVE-2017-4984 was published May 17, 2022

default-rsyncssh.lua in Lsyncd 2.1.5 and earlier allows remote attackers to execute arbitrary...
High | Unreviewed | CVE-2014-8990 was published May 17, 2022

Eval injection vulnerability in xdg-utils 1.1.0 RC1, when no supported desktop environment is...
Moderate | Unreviewed | CVE-2014-9622 was published May 17, 2022

VMware Horizon View Client (2.x, 3.x and 4.x prior to 4.5.0) contains a command injection...
Critical | Unreviewed | CVE-2017-4918 was published May 17, 2022

Command Injection vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10...
High | Unreviewed | CVE-2017-4054 was published May 17, 2022

In Green Packet DX-350 Firmware version v2.8.9.5-g1.4.8-atheeb, the "PING" (aka tag_ipPing)...
Critical | Unreviewed | CVE-2017-9980 was published May 17, 2022

EMC Documentum D2 version 4.5 and EMC Documentum D2 version 4.6 has a DQL Injection Vulnerability...
Moderate | Unreviewed | CVE-2016-9873 was published May 17, 2022

scripts/license.pl in Veritas NetBackup Appliance 2.6.0.x through 2.6.0.4, 2.6.1.x through 2.6.1...
Critical | Unreviewed | CVE-2016-7399 was published May 17, 2022

Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) in EMC Avamar Server before 7.3.0-233...
High | Unreviewed | CVE-2016-0920 was published May 17, 2022

Proxy command injection vulnerability in Trend Micro InterScan Messaging Virtual Appliance 9.0...
High | Unreviewed | CVE-2017-11392 was published May 17, 2022

Proxy command injection vulnerability in Trend Micro InterScan Messaging Virtual Appliance 9.0...
High | Unreviewed | CVE-2017-11391 was published May 17, 2022

IBM Curam Social Program Management 6.0 SP2 before EP26, 6.0.4 before 6.0.4.5iFix10 and 6.0.5...
High | Unreviewed | CVE-2014-8903 was published May 17, 2022

Command inject in transfer from another server in extplorer 2.1.9 and prior allows attacker to...
High | Unreviewed | CVE-2017-12756 was published May 17, 2022