Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,640
Maven
5,000+
npm
4,265
NuGet
760
pip
4,061
Pub
12
RubyGems
956
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

4,103 advisories

Loading
The STARTTLS implementation in MailMarshal before 7.2 allows plaintext command injection. Critical Unreviewed
CVE-2014-2727 was published May 17, 2022
Openshift has shell command injection flaws due to unsanitized data being passed into shell... High Unreviewed
CVE-2014-0163 was published May 17, 2022
The papd daemon in Netatalk before 2.0.4-beta2, when using certain variables in a pipe command... High Unreviewed
CVE-2008-5718 was published May 17, 2022
The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x... High Unreviewed
CVE-2011-0372 was published May 17, 2022
The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x... High Unreviewed
CVE-2011-0374 was published May 17, 2022
The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.6.x... High Unreviewed
CVE-2011-0375 was published May 17, 2022
The CGI implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5.x... High Unreviewed
CVE-2011-0373 was published May 17, 2022
The XML-RPC implementation on Cisco TelePresence endpoint devices with software 1.2.x through 1.5... High Unreviewed
CVE-2011-0378 was published May 17, 2022
The CGI subsystem on Cisco TelePresence Recording Server devices with software 1.6.x before 1.6.2... High Unreviewed
CVE-2011-0382 was published May 17, 2022
An unspecified function in the web interface in Proofpoint Messaging Security Gateway 6.2.0.263:6... High Unreviewed
CVE-2011-1904 was published May 17, 2022
webscript.pl in Open Ticket Request System (OTRS) 2.3.4 and earlier allows remote attackers to... High Unreviewed
CVE-2011-0456 was published May 17, 2022
HP no Mawashimono Nikki 6.6 and earlier allows remote attackers to execute arbitrary commands via... High Unreviewed
CVE-2011-4002 was published May 17, 2022
The administrative web interface on Cisco TelePresence Immersive Endpoint Devices before 1.7.4... High Unreviewed
CVE-2012-3075 was published May 17, 2022
The administrative web interface on Cisco TelePresence Recording Server before 1.8.0 allows... High Unreviewed
CVE-2012-3076 was published May 17, 2022
An ActiveX control in KeyHelp.ocx in KeyWorks KeyHelp Module (aka the HTML Help component), as... High Unreviewed
CVE-2012-2516 was published May 17, 2022
The Johnson Controls CK721-A controller with firmware before SSM4388_03.1.0.14_BB allows remote... High Unreviewed
CVE-2012-2607 was published May 17, 2022
lhn/public/network/ping in HP SAN/iQ 9.5 on the HP Virtual SAN Appliance allows remote... High Unreviewed
CVE-2012-2986 was published May 17, 2022
lhn/public/network/ping in HP SAN/iQ before 9.5 on the HP Virtual SAN Appliance allows remote... High Unreviewed
CVE-2012-4361 was published May 17, 2022
The Cybozu KUNAI application before 2.0.6 for Android allows remote attackers to execute... High Unreviewed
CVE-2012-4011 was published May 17, 2022
The UPnP IGD implementation in Edimax EdiLinux on the Edimax BR-6104K with firmware before 3.25,... High Unreviewed
CVE-2011-4502 was published May 17, 2022
The client in Novell GroupWise 8.0 before 8.0.3 HP2 and 2012 before SP1 HP1 allows remote... High Unreviewed
CVE-2013-0804 was published May 17, 2022
Mutiny Standard before 4.5-1.12 allows remote attackers to execute arbitrary commands via the... High Unreviewed
CVE-2012-3001 was published May 17, 2022
The web browser plugin for Ubisoft Uplay PC before 2.0.4 allows remote attackers to execute... High Unreviewed
CVE-2012-4177 was published May 17, 2022
SQL injection vulnerability in the Help Desk application in Wave EMBASSY Remote Administration... High Unreviewed
CVE-2013-3578 was published May 17, 2022
core/getLog.php on the Siemens Enterprise OpenScape Branch appliance and OpenScape Session Border... High Unreviewed
CVE-2013-4781 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database