GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,636
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
4,101 advisories
Infinite Automation Mango Automation 2.5.x and 2.6.x through 2.6.0 build 430 allows remote...
Moderate | Unreviewed | CVE-2015-7901 was published May 17, 2022
CG-WLR300NM Firmware version 1.90 and earlier allows an attacker to execute arbitrary OS commands...
High | Unreviewed | CVE-2017-10813 was published May 17, 2022
The Manager component in Cisco Unified Computing System (UCS) 2.2(3b) on B Blade Server devices...
High | Unreviewed | CVE-2015-4279 was published May 17, 2022
The escapeshellarg function in ext/standard/exec.c in PHP before 5.4.42, 5.5.x before 5.5.26, and...
Critical | Unreviewed | CVE-2015-4642 was published May 17, 2022
Pydio (formerly AjaXplorer) before 6.0.7 allows remote attackers to execute arbitrary commands...
Critical | Unreviewed | CVE-2015-3431 was published May 17, 2022
The Netrw plugin (netrw.vim) in Vim 7.0 and 7.1 allows user-assisted attackers to execute...
High | Unreviewed | CVE-2008-6235 was published May 17, 2022
viewrq.php in nweb2fax 0.2.7 and earlier allows remote attackers to execute arbitrary code via...
High | Unreviewed | CVE-2008-6669 was published May 17, 2022
Ruckus Wireless Zone Director Controller firmware releases ZD9.9.x, ZD9.10.x, ZD9.13.0.x less...
High | Unreviewed | CVE-2017-6223 was published May 17, 2022
SPIP 3.1.x before 3.1.6 and 3.2.x before Beta 3 does not remove shell metacharacters from the...
Critical | Unreviewed | CVE-2017-9736 was published May 17, 2022
lib/rrd.php in Cacti 1.1.27 allows remote authenticated administrators to execute arbitrary OS...
High | Unreviewed | CVE-2017-16641 was published May 17, 2022
I, Librarian version <=4.6 & 4.7 is vulnerable to OS Command Injection in batchimport.php...
Critical | Unreviewed | CVE-2017-1000235 was published May 17, 2022
The web server on DBL DBLTek devices allows remote attackers to execute arbitrary OS commands by...
Critical | Unreviewed | CVE-2017-16934 was published May 17, 2022
PTW-WMS1 firmware version 2.000.012 allows remote attackers to execute arbitrary OS commands via...
Critical | Unreviewed | CVE-2017-10902 was published May 17, 2022
GitPHP by xiphux is vulnerable to OS Command Injections
Critical | Unreviewed | CVE-2017-1000214 was published May 17, 2022
The most package in Debian wheezy before 5.0.0a-2.2, in Debian jessie before 5.0.0a-2.3+deb8u1,...
Critical | Unreviewed | CVE-2016-1253 was published May 17, 2022
Artica Web Proxy before 3.06.112911 allows remote attackers to execute arbitrary code as root by...
Critical | Unreviewed | CVE-2017-17055 was published May 17, 2022
The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to...
High | Unreviewed | CVE-2012-2953 was published May 17, 2022
The management console in Symantec Web Gateway 5.0.x before 5.0.3.18 allows remote attackers to...
High | Unreviewed | CVE-2012-2976 was published May 17, 2022
An authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy...
Critical | Unreviewed | CVE-2022-23664 was published May 17, 2022
An authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy...
High | Unreviewed | CVE-2022-23667 was published May 17, 2022
An authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy...
Critical | Unreviewed | CVE-2022-23662 was published May 17, 2022
An authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy...
Critical | Unreviewed | CVE-2022-23665 was published May 17, 2022
An authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy...
Critical | Unreviewed | CVE-2022-23666 was published May 17, 2022
An authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy...
Critical | Unreviewed | CVE-2022-23663 was published May 17, 2022
An authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy...
Critical | Unreviewed | CVE-2022-23661 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.