GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
4,104 advisories
Symantec Endpoint Protection Manager (SEPM) 12.1 before 12.1-RU6-MP3 allows remote attackers to...
High | Unreviewed | CVE-2015-6554 was published May 17, 2022
An OS command injection vulnerability exists in the confsrv ucloud_add_new_node functionality of...
Critical | Unreviewed | CVE-2022-21178 was published Aug 6, 2022
Cisco UCS Central Software 1.2(1a) allows local users to gain privileges for OS command execution...
High | Unreviewed | CVE-2015-4183 was published May 17, 2022
The diagnostics subsystem in the administrative web interface on Cisco Virtualization Experience ...
High | Unreviewed | CVE-2015-4186 was published May 17, 2022
OS Command Injection in s3-uploader
High | CVE-2021-34084 was published for s3-uploader (npm) Jun 3, 2022
ffmpeg-sdk vulnerable to OS Command Injection
Critical | CVE-2020-28435 was published for ffmpeg-sdk (npm) Jul 26, 2022
xopen is vulnerable to OS Command Injection in Exported Function xopen(filepath)
Critical | CVE-2020-28447 was published for xopen (npm) Jul 26, 2022
Cisco Unified Computing System (UCS) Platform Emulator 2.5(2)TS4, 3.0(2c)A, and 3.0(2c)TS9 allows...
High | Unreviewed | CVE-2016-1339 was published May 17, 2022
An OS command injection vulnerability exists in the confsrv ucloud_add_node functionality of TCL...
Critical | Unreviewed | CVE-2022-22140 was published Aug 6, 2022
IBM Security Access Manager for Web 7.0.0 before FP19 and 8.0 before 8.0.1.3 IF3, and Security...
High | Unreviewed | CVE-2015-5018 was published May 17, 2022
OS Command Injection in gogs
Critical | CVE-2021-32546 was published for gogs.io/gogs (Go) Jun 2, 2022
IBM Security Access Manager for Web 7.0 before IF2 and 8.0 before 8.0.1.4 IF3 and Security Access...
Critical | Unreviewed | CVE-2016-3028 was published May 17, 2022
Igreks MilkyStep Light 0.94 and earlier and Professional 1.82 and earlier allows remote attackers...
High | Unreviewed | CVE-2015-2955 was published May 17, 2022
The web framework in Cisco Identity Services Engine (ISE) 1.0 and 1.1.0 before 1.1.0.665-5, 1.1.1...
High | Unreviewed | CVE-2013-5530 was published May 17, 2022
Fortinet FortiWan (formerly AscernLink) before 4.2.5 allows remote authenticated users with...
High | Unreviewed | CVE-2016-4965 was published May 17, 2022
An unspecified interface in SAP TREX 7.10 Revision 63 allows remote attackers to execute...
Critical | Unreviewed | CVE-2016-6147 was published May 17, 2022
The Device Manager GUI in Cisco Application Control Engine (ACE) 4710 A5 before A5(3.1) allows...
High | Unreviewed | CVE-2016-1297 was published May 17, 2022
A vulnerability in the self-healing functionality of Cisco IOS XE Software for Embedded Wireless...
Moderate | Unreviewed | CVE-2022-20855 was published Oct 1, 2022
IBM Rational Collaborative Lifecycle Management 3.0.1.6 before iFix8, 4.0 before 4.0.7 iFix11, 5...
High | Unreviewed | CVE-2016-0325 was published May 17, 2022
Directory traversal vulnerability in processImageSave.jsp in DCNM-SAN Server in Cisco Prime Data...
High | Unreviewed | CVE-2013-5486 was published May 17, 2022
The web service on Nexxt Amp300 ARN02304U8 42.103.1.5095 devices allows remote OS command...
High | Unreviewed | CVE-2022-44149 was published Jan 6, 2023
OCS Inventory NG 2.7 allows Remote Command Execution via shell metacharacters to require...
Moderate | Unreviewed | CVE-2020-14947 was published May 24, 2022
The Network Analysis tab (Main_Analysis_Content.asp) in the ASUS RT-AC68U and other RT series...
High | Unreviewed | CVE-2013-5948 was published May 17, 2022
baserCMS 3.0.2 through 3.0.8 allows remote authenticated users to execute arbitrary OS commands...
Moderate | Unreviewed | CVE-2015-7769 was published May 17, 2022