GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
3,002 advisories
The Sophos Web Appliance (version 4.2.1.3) is vulnerable to two Remote Command Injection...
High | Unreviewed | CVE-2016-9553 was published May 17, 2022

EMC RecoverPoint versions before 4.4.1.1 and EMC RecoverPoint for Virtual Machines versions...
High | Unreviewed | CVE-2016-6649 was published May 17, 2022

An issue was discovered on SendQuick Entera and Avera devices before 2HF16. Multiple Command...
Critical | Unreviewed | CVE-2016-10098 was published May 17, 2022

IBM Tivoli Endpoint Manager could allow a user under special circumstances to inject commands...
High | Unreviewed | CVE-2016-0396 was published May 17, 2022

The Parental Control panel in Genexis devices with DRGOS before 1.14.1 allows remote...
High | Unreviewed | CVE-2015-3441 was published May 17, 2022

Unauthenticated Remote Command injection as root occurs in the Western Digital MyCloud NAS 2.11...
Critical | Unreviewed | CVE-2016-10108 was published May 17, 2022

Unauthenticated Remote Command injection as root occurs in the Western Digital MyCloud NAS 2.11...
Critical | Unreviewed | CVE-2016-10107 was published May 17, 2022

Bugzilla before 4.0.16, 4.1.x and 4.2.x before 4.2.12, 4.3.x and 4.4.x before 4.4.7, and 5.x...
Moderate | Unreviewed | CVE-2014-8630 was published May 17, 2022

The management console on the Symantec Web Gateway (SWG) appliance before 5.2.2 allows remote...
Moderate | Unreviewed | CVE-2014-7285 was published May 17, 2022

The D-Link DIR-645 Wired/Wireless Router Rev. Ax with firmware 1.04b12 and earlier allows remote...
High | Unreviewed | CVE-2015-2051 was published May 17, 2022

The get_rpm_nvr_by_file_path_temporary function in util.py in setroubleshoot before 3.2.22 allows...
High | Unreviewed | CVE-2015-1815 was published May 17, 2022

The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to...
High | Unreviewed | CVE-2015-1986 was published May 17, 2022

The remove_bad_chars function in utils/cups-browsed.c in cups-filters before 1.0.66 allows remote...
High | Unreviewed | CVE-2015-2265 was published May 17, 2022

The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to...
High | Unreviewed | CVE-2015-1949 was published May 17, 2022

The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to...
High | Unreviewed | CVE-2015-1938 was published May 17, 2022

Directory traversal vulnerability in file "jcss.php" in Zikula 1.3.x before 1.3.11 and 1.4.x...
Critical | Unreviewed | CVE-2016-9835 was published May 17, 2022

An issue was discovered in Pivotal Greenplum before 4.3.10.0. Creation of external tables using...
High | Unreviewed | CVE-2016-6656 was published May 17, 2022

The management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0...
High | Unreviewed | CVE-2015-6547 was published May 17, 2022

Mailcwp remote file upload vulnerability incomplete fix v1.100
Critical | Unreviewed | CVE-2016-1000156 was published May 17, 2022

Endian Firewall before 3.0 allows remote attackers to execute arbitrary commands via shell...
High | Unreviewed | CVE-2015-5082 was published May 17, 2022

The Management Interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler...
High | Unreviewed | CVE-2015-5080 was published May 17, 2022

The portal in IBM Tivoli Monitoring (ITM) 6.2.2 through FP9, 6.2.3 through FP5, and 6.3.0 before...
High | Unreviewed | CVE-2015-5003 was published May 17, 2022

IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1.x before 4.1.1.2 and...
High | Unreviewed | CVE-2015-4974 was published May 17, 2022

BitTorrent Sync allows remote attackers to execute arbitrary commands via a crafted btsync: link.
High | Unreviewed | CVE-2015-2846 was published May 17, 2022

Cisco Prime Network Analysis Module (NAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(1)...
Critical | Unreviewed | CVE-2016-1388 was published May 17, 2022