GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
4,102 advisories
A vulnerability in the CLI command-parsing code of the Cisco StarOS operating system for Cisco...
High | Unreviewed | CVE-2017-6707 was published May 17, 2022

A vulnerability in certain commands of Cisco Elastic Services Controller could allow an...
High | Unreviewed | CVE-2017-6712 was published May 17, 2022

An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 (Control Center) devices before 8...
Critical | Unreviewed | CVE-2022-31794 was published Jun 21, 2022

An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 (Control Center) devices before 8...
Critical | Unreviewed | CVE-2022-31795 was published Jun 21, 2022

Two methods of a utility class in SAP NetWeaver AS ABAP - versions 700, 701, 702, 710, 711, 730,...
High | Unreviewed | CVE-2021-44235 was published Dec 15, 2021

Multiple command injection vulnerabilities exist in the web_server action endpoints...
Critical | Unreviewed | CVE-2022-33313 was published Jul 1, 2022

Dell Container Storage Modules 1.2 contains an OS Command Injection in goiscsi and gobrick...
High | Unreviewed | CVE-2022-34427 was published Oct 11, 2022

IBM MQ Appliance 8.0 and 9.0 could allow an authenticated messaging administrator to execute...
High | Unreviewed | CVE-2017-1318 was published May 17, 2022

iox in Cisco IOS, possibly 15.6 and earlier, and IOS XE, possibly 3.18 and earlier, allows local...
High | Unreviewed | CVE-2016-6414 was published May 17, 2022

A vulnerability in Cisco WebEx Meetings Server could allow an authenticated, remote attacker to...
High | Unreviewed | CVE-2017-3796 was published May 17, 2022

The Quectel RG502Q-EA modem before 2022-02-23 allows OS Command Injection.
Critical | Unreviewed | CVE-2022-26147 was published Jun 22, 2022

The affected product is vulnerable to a parameter injection via passphrase, which enables the...
High | Unreviewed | CVE-2021-42538 was published May 24, 2022

An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. An OS injection...
Critical | Unreviewed | CVE-2022-30329 was published Jun 17, 2022

Cisco WebEx Meetings Server 2.6 allows remote attackers to execute arbitrary commands by...
High | Unreviewed | CVE-2016-1482 was published May 17, 2022

A vulnerability has been found in ajenti 2.1.31 and classified as critical. This vulnerability...
High | Unreviewed | CVE-2019-25066 was published Jun 10, 2022

In SapphireIMS 5.0, it is possible to use the hardcoded credential in clients (username: sapphire...
Critical | Unreviewed | CVE-2020-25560 was published May 24, 2022

Cobian Backup 11 client allows man-in-the-middle attackers to add and execute new backup tasks...
High | Unreviewed | CVE-2017-11318 was published May 17, 2022

Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business...
High | Unreviewed | CVE-2021-1401 was published May 24, 2022

Multiple vulnerabilities exist in the web-based management interface of Cisco Small Business RV...
Critical | Unreviewed | CVE-2021-1473 was published May 24, 2022

A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote...
High | Unreviewed | CVE-2021-1443 was published May 24, 2022

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W,...
High | Unreviewed | CVE-2021-1150 was published May 24, 2022

Improper neutralization of special elements in the SonicWall SSL-VPN SMA100 series management...
High | Unreviewed | CVE-2022-1703 was published Jun 9, 2022

OS Command Injection in file editor in Gogs
Critical | CVE-2022-1986 was published for gogs.io/gogs (Go) Jun 8, 2022

The administrative web interface in Cisco TelePresence Video Communication Server Expressway X8.5...
High | Unreviewed | CVE-2016-1468 was published May 17, 2022

An authenticated attacker can send a specially crafted route to the “edit_route.cgi” binary and...
High | Unreviewed | CVE-2022-31486 was published Jun 7, 2022

ProTip! Advisories are also available from the GraphQL API.