GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,996 advisories

osc before 0.151.0 allows remote attackers to execute arbitrary commands via shell metacharacters...
High | Unreviewed | CVE-2015-0778 was published May 14, 2022

zend-mail remote code execution via Sendmail adapter
Critical | CVE-2016-10034 was published for zendframework/zend-mail (Composer) May 14, 2022

The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to two Remote...
Critical | Unreviewed | CVE-2016-9682 was published May 14, 2022

The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to a Remote...
Critical | Unreviewed | CVE-2016-9684 was published May 14, 2022

The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to a Remote...
Critical | Unreviewed | CVE-2016-9683 was published May 14, 2022

xymond in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 allow remote authenticated users to execute...
High | Unreviewed | CVE-2016-2056 was published May 14, 2022

Synology Video Station before 1.5-0763 allows remote attackers to execute arbitrary shell...
High | Unreviewed | CVE-2015-6912 was published May 14, 2022

ping.cgi in NetCommWireless HSPA 3G10WVE wireless routers with firmware before 3G10WVE-L101...
Critical | Unreviewed | CVE-2015-6024 was published May 14, 2022

The network diagnostics tool (CommandLineServlet) in the Appliance Manager command line utility ...
Moderate | Unreviewed | CVE-2015-2746 was published May 14, 2022

The help window in Epicor CRS Retail Store before 3.2.03.01.008 allows local users to execute...
High | Unreviewed | CVE-2015-2210 was published May 14, 2022

Improper Neutralization of Special Elements used in a Command in Apache Cassandra
High | CVE-2015-0225 was published for org.apache.cassandra:apache-cassandra (Maven) May 14, 2022

Technicolor Router TD5130 with firmware 2.05.C29GV allows remote attackers to execute arbitrary...
High | Unreviewed | CVE-2014-9144 was published May 14, 2022

The web administrative portal in Zhone zNID GPON 2426A before S3.0.501 allows remote attackers to...
High | Unreviewed | CVE-2014-9118 was published May 14, 2022

phpMyAdmin PHP code injection
High | CVE-2016-6609 was published for phpmyadmin/phpmyadmin (Composer) May 14, 2022

The WordPress Flash Uploader plugin before 3.1.3 for WordPress allows remote attackers to execute...
Critical | Unreviewed | CVE-2014-5014 was published May 14, 2022

Tryton vulnerable to arbitrary command execution
High | CVE-2014-6633 was published for tryton (pip) May 14, 2022

The EZPZ One Click Backup (ezpz-one-click-backup) plugin 12.03.10 and earlier for WordPress...
Critical | Unreviewed | CVE-2014-3114 was published May 14, 2022

IBM Rational AppScan Source 8.0 through 8.0.0.2 and 8.5 through 8.5.0.1 and Security AppScan...
Critical | Unreviewed | CVE-2014-6120 was published May 14, 2022

The installPackage function in the installerHelper subcomponent in Libmacgpg in GPG Suite before...
High | Unreviewed | CVE-2014-4677 was published May 14, 2022

The cliserver implementation in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8.0, and 8.1...
Critical | Unreviewed | CVE-2016-2397 was published May 14, 2022

The GMS ViewPoint (GMSVP) web application in Dell SonicWALL GMS, Analyzer, and UMA EM5000 7.2, 8...
Critical | Unreviewed | CVE-2016-2396 was published May 14, 2022

A Remote Arbitrary Code Execution vulnerability in HPE Smart Storage Administrator version before...
High | Unreviewed | CVE-2016-8523 was published May 14, 2022

IBM Notes 8.5 and 9.0 could allow a local attacker to execute arbitrary commands by carefully...
Moderate | Unreviewed | CVE-2017-1720 was published May 14, 2022

IBM Security Identity Manager (ISIM) Virtual Appliance 7.0.0.0 through 7.0.1.0 before 7.0.1-ISS...
High | Unreviewed | CVE-2016-0324 was published May 14, 2022