GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
362 advisories
Command Injection Vulnerability in systeminformation
Moderate | CVE-2020-26274 was published for systeminformation (npm) Dec 16, 2020

Command injection in codecov (npm package)
Moderate | CVE-2020-15123 was published for codecov (npm) Jul 20, 2020

Prototype Pollution in systeminformation
Moderate | CVE-2020-26245 was published for systeminformation (npm) Nov 27, 2020

OS Command Injection in node-notifier
Moderate | CVE-2020-7789 was published for node-notifier (npm) Dec 21, 2020

Arbitrary Command Injection due to Improper Command Sanitization
Moderate | GHSA-hxwm-x553-x359 was published for @npmcli/git (npm) Aug 5, 2021

lib/ajaxHandlers/ajaxAddTemplate.php in rConfig through 3.94 allows remote attackers to execute...
Moderate | Unreviewed | CVE-2020-10221 was published May 24, 2022

react-dev-utils OS Command Injection in function `getProcessForPort`
Moderate | CVE-2021-24033 was published for react-dev-utils (npm) Mar 11, 2021

A remote authenticated SQL Injection vulnerability was discovered in Aruba ClearPass Policy...
Moderate | Unreviewed | CVE-2021-26685 was published May 24, 2022

GigaCC OFFICE ver.2.3 and earlier allows remote attackers to execute arbitrary OS commands via...
Moderate | Unreviewed | CVE-2016-7844 was published May 17, 2022

Cisco TelePresence endpoints running either CE or TC software contain a vulnerability that could...
Moderate | Unreviewed | CVE-2016-6459 was published May 17, 2022

A vulnerability in a startup script of Cisco IOS XE Software could allow an unauthenticated...
Moderate | Unreviewed | CVE-2017-6606 was published May 17, 2022

A vulnerability in CLI command processing in the Cisco Firepower 4100 Series Next-Generation...
Moderate | Unreviewed | CVE-2017-3806 was published May 17, 2022

WNC01WH firmware 1.0.0.9 and earlier allows authenticated attackers to execute arbitrary OS...
Moderate | Unreviewed | CVE-2017-2152 was published May 17, 2022

Dell EMC PowerStore, contains an OS command injection Vulnerability. A locally authenticated...
Moderate | Unreviewed | CVE-2022-22555 was published Jul 22, 2022

IBM CICS TX 11.1 could allow an attacker with physical access to the system to execute code...
Moderate | Unreviewed | CVE-2022-33955 was published Aug 2, 2022

Buffalo network devices WSR-3200AX4S firmware Ver. 1.26 and earlier, WSR-3200AX4B firmware Ver. 1...
Moderate | Unreviewed | CVE-2022-43466 was published Dec 19, 2022

McAfee Enterprise Security Manager (ESM), Enterprise Security Manager/Log Manager (ESMLM), and...
Moderate | Unreviewed | CVE-2015-7310 was published May 17, 2022

A local file script in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2...
Moderate | Unreviewed | CVE-2015-4330 was published May 17, 2022

A vulnerability in the self-healing functionality of Cisco IOS XE Software for Embedded Wireless...
Moderate | Unreviewed | CVE-2022-20855 was published Oct 1, 2022

OCS Inventory NG 2.7 allows Remote Command Execution via shell metacharacters to require...
Moderate | Unreviewed | CVE-2020-14947 was published May 24, 2022

baserCMS 3.0.2 through 3.0.8 allows remote authenticated users to execute arbitrary OS commands...
Moderate | Unreviewed | CVE-2015-7769 was published May 17, 2022

KDDI HOME SPOT CUBE devices before 2 allow remote authenticated users to execute arbitrary OS...
Moderate | Unreviewed | CVE-2016-1141 was published May 17, 2022

An unspecified script in the web interface in Cisco Firepower Extensible Operating System 1.1(1...
Moderate | Unreviewed | CVE-2015-6380 was published May 17, 2022

PC-EGG pWebManager before 3.3.10, and before 2.2.2 for PHP 4.x, allows remote authenticated users...
Moderate | Unreviewed | CVE-2015-7774 was published May 17, 2022