Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

4,100 advisories

Loading
** UNSUPPORTED WHEN ASSIGNED ** D-Link DIR-610 devices allow Remote Command Execution via the cmd... Moderate Unreviewed
CVE-2020-9377 was published May 24, 2022
A remote code execution vulnerability exists in the WebAdmin of Sophos SG UTM before v9.705 MR5,... Critical Unreviewed
CVE-2020-25223 was published May 24, 2022
VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector... High Unreviewed
CVE-2020-4006 was published May 24, 2022
Remote Code execution vulnerability in Micro Focus Operation Bridge Reporter (OBR) product,... Critical Unreviewed
CVE-2021-22502 was published May 24, 2022
Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the... High Unreviewed
CVE-2021-25296 was published May 24, 2022
Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the... High Unreviewed
CVE-2021-25298 was published May 24, 2022
Nagios XI version xi-5.7.5 is affected by OS command injection. The vulnerability exists in the... High Unreviewed
CVE-2021-25297 was published May 24, 2022
Accellion FTA 9_12_411 and earlier is affected by OS command execution via a local web service... High Unreviewed
CVE-2021-27102 was published May 24, 2022
Sunhillo SureLine before 8.7.0.1.1 allows Unauthenticated OS Command Injection via shell... Critical Unreviewed
CVE-2021-36380 was published May 24, 2022
dnslookup.cgi on NETGEAR DGN2200 devices with firmware through 10.0.0.50 allows remote... High Unreviewed
CVE-2017-6334 was published May 13, 2022
Improper neutralization of special elements in the SMA100 management interface allows a remote... Moderate Unreviewed
CVE-2021-20035 was published May 24, 2022
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers... Critical Unreviewed
CVE-2022-20708 was published Feb 11, 2022
A Remote Command Execution (RCE) vulnerability exists in all series H/W revisions D-link DIR-810L... Critical Unreviewed
CVE-2021-45382 was published Feb 18, 2022
D-Link DIR-820L 1.05B03 was discovered to contain a remote command execution (RCE) vulnerability... Critical Unreviewed
CVE-2022-26258 was published Mar 29, 2022
A OS command injection vulnerability in the CGI program of Zyxel USG FLEX 100(W) firmware... Critical Unreviewed
CVE-2022-30525 was published May 13, 2022
Multiple API endpoints in Atlassian Bitbucket Server and Data Center 7.0.0 before version 7.6.17,... High Unreviewed
CVE-2022-36804 was published Aug 26, 2022
An issue was discovered in PRTG Network Monitor before 18.2.39. An attacker who has access to the... High Unreviewed
CVE-2018-9276 was published May 13, 2022
An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9... Critical Unreviewed
CVE-2018-14558 was published May 13, 2022
RESERVED An issue in the /login/index.php component of Centos Web Panel 7 before v0.9.8.1147... Critical Unreviewed
CVE-2022-44877 was published Jan 6, 2023
On Reolink RLC-410W, C1 Pro, C2 Pro, RLC-422W, and RLC-511W devices through 1.0.227, an... High Unreviewed
CVE-2019-11001 was published May 14, 2022
In Pulse Secure Pulse Connect Secure version 9.0RX before 9.0R3.4, 8.3RX before 8.3R7.1, 8.2RX... High Unreviewed
CVE-2019-11539 was published May 24, 2022
Improper error message handling in Zyxel ZyWALL/USG series firmware versions 4.60 through 4.73,... Critical Unreviewed
CVE-2023-28771 was published Apr 25, 2023
The pre-authentication command injection vulnerability in the Zyxel NAS326 firmware versions... Critical Unreviewed
CVE-2023-27992 was published Jun 19, 2023
A flaw was found in Exim versions 4.87 to 4.91 (inclusive). Improper validation of recipient... Critical Unreviewed
CVE-2019-10149 was published May 24, 2022
An issue was discovered in Webmin through 1.920. The parameter old in password_change.cgi... Critical Unreviewed
CVE-2019-15107 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database