GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,645
Maven: 5,000+
npm: 4,271
NuGet: 760
pip: 4,065
Pub: 12
RubyGems: 957
Rust: 1,057
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
4,104 advisories
Exposed Erlang Cookie could lead to Remote Command Execution (RCE) attack. Communication between...
Critical | Unreviewed | CVE-2020-24719 was published May 24, 2022

An OS command injection and memory corruption vulnerability in the PAN-OS management web...
High | Unreviewed | CVE-2020-2000 was published May 24, 2022

iCMS 7 attackers to execute arbitrary OS commands via shell metacharacters in the DB_PREFIX...
Critical | Unreviewed | CVE-2020-19142 was published May 24, 2022

A vulnerability in Cisco IOS XE Software could allow an authenticated, local attacker to execute...
High | Unreviewed | CVE-2020-3417 was published May 24, 2022

A vulnerability in the web UI of Cisco Integrated Management Controller (IMC) could allow an...
High | Unreviewed | CVE-2020-3371 was published May 24, 2022

An issue was discovered on Gemtek WRTM-127ACN 01.01.02.141 and WRTM-127x9 01.01.02.127 devices....
High | Unreviewed | CVE-2020-24365 was published May 24, 2022

SAP Business Warehouse, versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 782,...
Critical | Unreviewed | CVE-2020-26838 was published May 24, 2022

Addressed remote code execution vulnerability in cgi_api.php that allowed escalation of...
Critical | Unreviewed | CVE-2020-27158 was published May 24, 2022

Addressed remote code execution vulnerability in DsdkProxy.php due to insufficient sanitization...
Critical | Unreviewed | CVE-2020-27159 was published May 24, 2022

A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to...
High | Unreviewed | CVE-2020-3459 was published May 24, 2022

Win32k Elevation of Privilege Vulnerability This CVE ID is unique from CVE-2020-17038.
High | Unreviewed | CVE-2020-17010 was published May 24, 2022

SAP Solution Manager and SAP Focused Run (update provided in WILY_INTRO_ENTERPRISE 9.7, 10.1, 10...
Critical | Unreviewed | CVE-2020-6364 was published May 24, 2022

The QCMAP_CLI utility in the Qualcomm QCMAP software suite prior to versions released in October...
High | Unreviewed | CVE-2020-25859 was published May 24, 2022

This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High | Unreviewed | CVE-2020-17406 was published May 24, 2022

osCommerce Phoenix CE before 1.0.5.4 allows OS command injection remotely. Within admin/mail.php,...
Critical | Unreviewed | CVE-2020-27976 was published May 24, 2022

An issue was discovered in EyesOfNetwork 5.3 through 5.3-8. An authenticated web user with...
High | Unreviewed | CVE-2020-27887 was published May 24, 2022

IBM Security Guardium Data Encryption (GDE) 3.0.0.2 could allow a remote authenticated attacker...
High | Unreviewed | CVE-2019-4713 was published May 24, 2022

SEOWON INTECH SLC-130 And SLR-120S devices allow Remote Code Execution via the ipAddr parameter...
High | Unreviewed | CVE-2020-17456 was published May 24, 2022

A command injection vulnerability exists in EdgeSwitch firmware <v1.9.0 that allowed an...
High | Unreviewed | CVE-2020-8233 was published May 24, 2022

The ping page of the administration panel in Telmat AccessLog <= 6.0 (TAL_20180415) allows an...
High | Unreviewed | CVE-2020-16148 was published May 24, 2022

Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option,...
Moderate | Unreviewed | CVE-2020-17367 was published May 24, 2022

The login page in Telmat AccessLog <= 6.0 (TAL_20180415) allows an attacker to get root shell...
Critical | Unreviewed | CVE-2020-16147 was published May 24, 2022

D-Link DSL-7740C does not properly validate user input, which allows an authenticated LAN user to...
Moderate | Unreviewed | CVE-2020-12774 was published May 24, 2022

FusionCompute 8.0.0 have a command injection vulnerability. The software does not sufficiently...
Moderate | Unreviewed | CVE-2020-9242 was published May 24, 2022

An arbitrary code execution vulnerability exists in Linksys WUMC710 Wireless-AC Universal Media...
High | Unreviewed | CVE-2022-43971 was published Jan 9, 2023

ProTip! Advisories are also available from the GraphQL API.