Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,940
Maven
5,000+
npm
3,677
NuGet
645
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+

352 advisories

Loading
Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local... Moderate Unreviewed
CVE-2021-34721 was published May 24, 2022
Dell NetWorker, versions 18.x and 19.x contain a Path traversal vulnerability. A NetWorker server... Moderate Unreviewed
CVE-2021-21569 was published May 24, 2022
Improper neutralization of special elements in the SMA100 management interface allows a remote... Moderate Unreviewed
CVE-2021-20035 was published May 24, 2022
Dell NetWorker, versions 18.x and 19.x contain an Information disclosure vulnerability. A... Moderate Unreviewed
CVE-2021-21570 was published May 24, 2022
nbmember.cgi in Netbilling 2.0 allows remote attackers to obtain sensitive information via the... Moderate Unreviewed
CVE-2004-2732 was published Apr 29, 2022
SAP GUI allows an authenticated attacker to execute scripts in the local network. On successful... Moderate Unreviewed
CVE-2022-41205 was published Nov 9, 2022
A certain ActiveX control in PDWizard.ocx 6.0.0.9782 and earlier in Microsoft Visual Studio 6.0... Moderate Unreviewed
CVE-2007-4891 was published May 1, 2022
Multiple argument injection vulnerabilities in Mozilla Firefox 2.0.0.5 and 3.0alpha allow remote... Moderate Unreviewed
CVE-2007-4041 was published May 1, 2022
Unspecified vulnerability in Sun Solaris 8 directory functions allows local users to cause a... Moderate Unreviewed
CVE-2008-1115 was published May 1, 2022
Untrusted search path vulnerability in GTK2 in OpenSUSE 11.0 and 11.1 allows local users to... Moderate Unreviewed
CVE-2009-0848 was published May 2, 2022
OS Command Injection in export.php (vulnerable function called from include/functions-article.php... Moderate Unreviewed
CVE-2020-10390 was published May 24, 2022
Untrusted search path vulnerability in dash 0.5.4, when used as a login shell, allows local users... Moderate Unreviewed
CVE-2009-0854 was published May 2, 2022
The node_process_command function in Zabbix Server before 1.8 allows remote attackers to execute... Moderate Unreviewed
CVE-2009-4498 was published May 2, 2022
The Check Point Gaia Portal's GUI Clients allowed authenticated administrators with permission... Moderate Unreviewed
CVE-2021-30361 was published May 12, 2022
An exploitable code execution vulnerability exists in the firmware update functionality of Yi... Moderate Unreviewed
CVE-2018-3890 was published May 13, 2022
Command manipulation in LabKey Server Community Edition before 18.3.0-61806.763 allows an... Moderate Unreviewed
CVE-2019-3913 was published May 13, 2022
A vulnerability in the local management CLI implementation for specific commands on the Cisco UCS... Moderate Unreviewed
CVE-2019-1725 was published May 13, 2022
A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an... Moderate Unreviewed
CVE-2018-0324 was published May 13, 2022
Command Injection in systeminformation Moderate
CVE-2020-26300 was published for systeminformation (npm) Oct 27, 2020
XStream vulnerable to an Arbitrary File Deletion on the local host when unmarshalling Moderate
CVE-2020-26259 was published for com.thoughtworks.xstream:xstream (Maven) Dec 21, 2020
A vulnerability in certain CLI commands of Cisco Identity Services Engine (ISE) could allow an... Moderate Unreviewed
CVE-2018-0214 was published May 13, 2022
[thi.ng/egf] Potential arbitrary code execution of `#gpg`-tagged property values Moderate
CVE-2021-21412 was published for @thi.ng/egf (npm) Apr 6, 2021
erik-krogh
Arbitrary Command Injection in portprocesses Moderate
CVE-2021-23348 was published for portprocesses (npm) Apr 6, 2021
omnitaint
A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series... Moderate Unreviewed
CVE-2018-0122 was published May 13, 2022
OS Command Injection in rpi Moderate
CVE-2019-10796 was published for rpi (npm) Apr 13, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database