Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

4,100 advisories

Loading
The _httpsrequest function (Snoopy/Snoopy.class.php) in Snoopy 1.2.3 and earlier, as used in (1)... High Unreviewed
CVE-2008-4796 was published May 13, 2022
Command manipulation in LabKey Server Community Edition before 18.3.0-61806.763 allows an... Moderate Unreviewed
CVE-2019-3913 was published May 13, 2022
GNU Bash through 4.3 processes trailing strings after function definitions in the values of... Critical Unreviewed
CVE-2014-6271 was published May 13, 2022
GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function... High Unreviewed
CVE-2014-7169 was published May 13, 2022
GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of... High Unreviewed
CVE-2014-6278 was published May 13, 2022
runc through 1.0-rc6, as used in Docker before 18.09.2 and other products, allows attackers to... High Unreviewed
CVE-2019-5736 was published May 13, 2022
An Improper Neutralization of Special Elements (in an OS command) issue was discovered in... Critical Unreviewed
CVE-2017-5173 was published May 13, 2022
trixbox 2.8.0.4 has OS command injection via shell metacharacters in the lang parameter to /maint... High Unreviewed
CVE-2017-14535 was published May 13, 2022
** DISPUTED ** In PostgreSQL 9.3 through 11.2, the "COPY TO/FROM PROGRAM" function allows... High Unreviewed
CVE-2019-9193 was published May 13, 2022
An exploitable command injection vulnerability exists in the gplotMakeOutput function of... High Unreviewed
CVE-2018-3836 was published May 13, 2022
An exploitable code execution vulnerability exists in the firmware update functionality of Yi... Moderate Unreviewed
CVE-2018-3890 was published May 13, 2022
An exploitable code execution vulnerability exists in the cloud OTA setup functionality of Yi... High Unreviewed
CVE-2018-3910 was published May 13, 2022
An exploitable command injection vulnerability exists in the measurementBitrateExec functionality... High Unreviewed
CVE-2018-3937 was published May 13, 2022
An exploitable code execution vulnerability exists in the connect functionality of NordVPN 6.14... High Unreviewed
CVE-2018-3952 was published May 13, 2022
Devices in the Linksys ESeries line of routers (Linksys E1200 Firmware Version 2.0.09 and Linksys... High Unreviewed
CVE-2018-3953 was published May 13, 2022
An exploitable operating system command injection exists in the Linksys ESeries line of routers ... High Unreviewed
CVE-2018-3955 was published May 13, 2022
Devices in the Linksys ESeries line of routers (Linksys E1200 Firmware Version 2.0.09 and Linksys... High Unreviewed
CVE-2018-3954 was published May 13, 2022
An exploitable vulnerability exists in the verified boot protection of the CUJO Smart Firewall.... High Unreviewed
CVE-2018-3969 was published May 13, 2022
An exploitable code execution vulnerability exists in the connect functionality of ProtonVPN VPN... High Unreviewed
CVE-2018-4010 was published May 13, 2022
An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE... High Unreviewed
CVE-2018-4019 was published May 13, 2022
An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE... High Unreviewed
CVE-2018-4020 was published May 13, 2022
An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE... High Unreviewed
CVE-2018-4021 was published May 13, 2022
An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR... High Unreviewed
CVE-2017-12120 was published May 13, 2022
An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR... High Unreviewed
CVE-2017-14433 was published May 13, 2022
An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR... High Unreviewed
CVE-2017-12125 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database