GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,636
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
4,101 advisories
An issue was discovered on Motorola C1 and M2 devices with firmware 1.01 and 1.07 respectively....
Critical | Unreviewed | CVE-2019-9119 was published May 14, 2022

www/soap/application/MCSoap/Logs.php in MailCleaner Community Edition 2018.08 allows remote...
High | Unreviewed | CVE-2018-20323 was published May 14, 2022

Improper Neutralization of Special Elements used in an OS Command in Apache ActiveMQ
High | CVE-2014-3576 was published for org.apache.activemq:activemq-client (Maven) May 14, 2022

An issue was discovered on D-Link DSL-3782 devices with firmware 1.01. An OS command injection...
High | Unreviewed | CVE-2018-17990 was published May 14, 2022

An issue was discovered on AudioCodes 450HD IP Phone devices with firmware 3.0.0.535.106. The...
High | Unreviewed | CVE-2018-5757 was published May 14, 2022

On Reolink RLC-410W, C1 Pro, C2 Pro, RLC-422W, and RLC-511W devices through 1.0.227, an...
High | Unreviewed | CVE-2019-11001 was published May 14, 2022

backintime (aka Back in Time) before 1.1.24 did improper escaping/quoting of file paths used as...
High | Unreviewed | CVE-2017-16667 was published May 14, 2022

OS Command Injection in Jenkins
High | CVE-2017-1000393 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022

Crestron TSW-1060, TSW-760, TSW-560, TSW-1060-NC, TSW-760-NC, and TSW-560-NC devices before 2.001...
Critical | Unreviewed | CVE-2018-11229 was published May 14, 2022

CouchDB administrative users can configure the database server via HTTP(S). Some of the...
High | Unreviewed | CVE-2017-12636 was published May 14, 2022

Elasticsearch Logstash allows remote attackers to execute arbitrary commands
High | CVE-2014-4326 was published for logstash (RubyGems) May 14, 2022

A Vulnerability in Brocade Network Advisor versions before 14.1.0 could allow a remote...
Critical | Unreviewed | CVE-2018-6444 was published May 14, 2022

Puppet Arbitrary Command Execution
Moderate | CVE-2012-1988 was published for puppet (RubyGems) May 14, 2022

programs/pluto/xauth.c in the client in Openswan 2.6.26 through 2.6.28 allows remote...
Moderate | Unreviewed | CVE-2010-3753 was published May 14, 2022

programs/pluto/xauth.c in the client in Openswan 2.6.25 through 2.6.28 allows remote...
Moderate | Unreviewed | CVE-2010-3752 was published May 14, 2022

The VBWinExec function in Node\AspVBObj.dll in Advantech WebAccess 8.3.0 allows remote attackers...
Critical | Unreviewed | CVE-2018-6911 was published May 14, 2022

Certain Anaconda3 2021.05 are affected by OS command injection. When a user installs Anaconda, an...
High | Unreviewed | CVE-2021-42969 was published May 14, 2022

Ruby before 2.4.3 allows Net::FTP command injection. Net::FTP#get, getbinaryfile, gettextfile,...
High | Unreviewed | CVE-2017-17405 was published May 13, 2022

For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, when joining a...
High | Unreviewed | CVE-2018-9075 was published May 13, 2022

For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, when changing...
High | Unreviewed | CVE-2018-9076 was published May 13, 2022

For some Iomega, Lenovo, LenovoEMC NAS devices versions 4.1.402.34662 and earlier, when changing...
High | Unreviewed | CVE-2018-9077 was published May 13, 2022

In Vecna VGo Robot versions prior to 3.0.3.52164, an attacker on an adjacent network could...
High | Unreviewed | CVE-2018-8866 was published May 13, 2022

A remote code execution issue was discovered in Zoho ManageEngine Applications Manager before 13...
Critical | Unreviewed | CVE-2018-7890 was published May 13, 2022

An issue was discovered in Leptonica through 1.75.3. The gplotMakeOutput function allows command...
Critical | Unreviewed | CVE-2018-7440 was published May 13, 2022

VMware NSX SD-WAN Edge by VeloCloud prior to version 3.1.0 contains a command injection...
High | Unreviewed | CVE-2018-6961 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API