Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

4,102 advisories

Loading
cgi-bin/admin/servetest in TP-Link IP Cameras TL-SC3130, TL-SC3130G, TL-SC3171, TL-SC3171G, and... High Unreviewed
CVE-2013-2578 was published May 17, 2022
The fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to... Moderate Unreviewed
CVE-2012-4108 was published May 17, 2022
The DrayTek Vigor 2700 router 2.8.3 allows remote attackers to execute arbitrary JavaScript code,... Moderate Unreviewed
CVE-2013-5703 was published May 17, 2022
The runShellCmd function in systemCheck.htm in D-Link DSR-150 with firmware before 1.08B44; DSR... High Unreviewed
CVE-2013-5946 was published May 17, 2022
ginkgosnmp.inc in HP System Management Homepage (SMH) allows remote authenticated users to... High Unreviewed
CVE-2013-3576 was published May 17, 2022
The management console on the Symantec Web Gateway (SWG) appliance before 5.1.1 allows remote... High Unreviewed
CVE-2013-1616 was published May 17, 2022
The Thecus NAS server N8800 with firmware 5.03.01 allows remote attackers to execute arbitrary... High Unreviewed
CVE-2013-5667 was published May 17, 2022
TRENDnet TEW-812DRU router allows remote authenticated users to execute arbitrary commands via... High Unreviewed
CVE-2013-3365 was published May 17, 2022
CRU Ditto Forensic FieldStation with firmware before 2013Oct15a allows remote attackers to... High Unreviewed
CVE-2013-6881 was published May 17, 2022
Sophos Web Appliance before 3.7.8.2 allows (1) remote attackers to execute arbitrary commands via... High Unreviewed
CVE-2013-2642 was published May 17, 2022
The administrative interface in Allied Telesis AT-RG634A ADSL Broadband router 3.3+, iMG624A... High Unreviewed
CVE-2014-1982 was published May 17, 2022
The network interface configuration page (netinterface) in Sophos Web Appliance before 3.8.2... High Unreviewed
CVE-2014-2850 was published May 17, 2022
The ZyXEL Wireless N300 NetUSB NBG-419N router with firmware 1.00(BFQ.6)C0 allows remote... High Unreviewed
CVE-2014-0356 was published May 17, 2022
Xangati XSR before 11 and XNR before 7 allows remote attackers to execute arbitrary commands via... High Unreviewed
CVE-2014-0359 was published May 17, 2022
PaperThin CommonSpot before 7.0.2 and 8.x before 8.0.3 allows remote attackers to execute... High Unreviewed
CVE-2014-2874 was published May 17, 2022
Pillow command injection Critical
CVE-2014-3007 was published for pillow (pip) May 17, 2022
The commandline interface in Blue Coat Content Analysis System (CAS) 1.1 before 1.1.4.2 allows... Moderate Unreviewed
CVE-2014-2565 was published May 17, 2022
costview3/xmlrpc_server/xmlrpc.php in CostView in Caldera 9.20 allows remote attackers to execute... High Unreviewed
CVE-2014-2935 was published May 17, 2022
The default keybindings for wwm in LTSP Display Manager (ldm) 2.2.x before 2.2.7 allow remote... High Unreviewed
CVE-2012-1166 was published May 17, 2022
Usermin before 1.600 allows remote attackers to execute arbitrary operating-system commands via... Moderate Unreviewed
CVE-2014-3883 was published May 17, 2022
logViewer.htm on the Dell ML6000 tape backup system with firmware before i8.2.0.2 (641G.GS103)... High Unreviewed
CVE-2014-2959 was published May 17, 2022
cups-browsed in cups-filters 1.0.41 before 1.0.51 allows remote IPP printers to execute arbitrary... High Unreviewed
CVE-2014-2707 was published May 17, 2022
The uploadFile function in upload/index.php in CosCMS before 1.822 allows remote administrators... High Unreviewed
CVE-2013-1668 was published May 17, 2022
Autodesk VRED Professional 2014 before SR1 SP8 allows remote attackers to execute arbitrary code... High Unreviewed
CVE-2014-2967 was published May 17, 2022
cgi-bin/cgiServer.exx in Yealink VoIP Phone SIP-T38G allows remote authenticated users to execute... High Unreviewed
CVE-2013-5758 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database