GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
352 advisories
Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local...
Moderate | Unreviewed | CVE-2021-34721 was published May 24, 2022
Dell NetWorker, versions 18.x and 19.x contain a Path traversal vulnerability. A NetWorker server...
Moderate | Unreviewed | CVE-2021-21569 was published May 24, 2022
Improper neutralization of special elements in the SMA100 management interface allows a remote...
Moderate | Unreviewed | CVE-2021-20035 was published May 24, 2022
Dell NetWorker, versions 18.x and 19.x contain an Information disclosure vulnerability. A...
Moderate | Unreviewed | CVE-2021-21570 was published May 24, 2022
nbmember.cgi in Netbilling 2.0 allows remote attackers to obtain sensitive information via the...
Moderate | Unreviewed | CVE-2004-2732 was published Apr 29, 2022
SAP GUI allows an authenticated attacker to execute scripts in the local network. On successful...
Moderate | Unreviewed | CVE-2022-41205 was published Nov 9, 2022
A certain ActiveX control in PDWizard.ocx 6.0.0.9782 and earlier in Microsoft Visual Studio 6.0...
Moderate | Unreviewed | CVE-2007-4891 was published May 1, 2022
Multiple argument injection vulnerabilities in Mozilla Firefox 2.0.0.5 and 3.0alpha allow remote...
Moderate | Unreviewed | CVE-2007-4041 was published May 1, 2022
Unspecified vulnerability in Sun Solaris 8 directory functions allows local users to cause a...
Moderate | Unreviewed | CVE-2008-1115 was published May 1, 2022
Untrusted search path vulnerability in GTK2 in OpenSUSE 11.0 and 11.1 allows local users to...
Moderate | Unreviewed | CVE-2009-0848 was published May 2, 2022
OS Command Injection in export.php (vulnerable function called from include/functions-article.php...
Moderate | Unreviewed | CVE-2020-10390 was published May 24, 2022
Untrusted search path vulnerability in dash 0.5.4, when used as a login shell, allows local users...
Moderate | Unreviewed | CVE-2009-0854 was published May 2, 2022
The node_process_command function in Zabbix Server before 1.8 allows remote attackers to execute...
Moderate | Unreviewed | CVE-2009-4498 was published May 2, 2022
The Check Point Gaia Portal's GUI Clients allowed authenticated administrators with permission...
Moderate | Unreviewed | CVE-2021-30361 was published May 12, 2022
An exploitable code execution vulnerability exists in the firmware update functionality of Yi...
Moderate | Unreviewed | CVE-2018-3890 was published May 13, 2022
Command manipulation in LabKey Server Community Edition before 18.3.0-61806.763 allows an...
Moderate | Unreviewed | CVE-2019-3913 was published May 13, 2022
A vulnerability in the local management CLI implementation for specific commands on the Cisco UCS...
Moderate | Unreviewed | CVE-2019-1725 was published May 13, 2022
A vulnerability in the CLI of Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an...
Moderate | Unreviewed | CVE-2018-0324 was published May 13, 2022
Command Injection in systeminformation
Moderate | CVE-2020-26300 was published for systeminformation (npm) Oct 27, 2020
XStream vulnerable to an Arbitrary File Deletion on the local host when unmarshalling
Moderate | CVE-2020-26259 was published for com.thoughtworks.xstream:xstream (Maven) Dec 21, 2020
A vulnerability in certain CLI commands of Cisco Identity Services Engine (ISE) could allow an...
Moderate | Unreviewed | CVE-2018-0214 was published May 13, 2022
[thi.ng/egf] Potential arbitrary code execution of `#gpg`-tagged property values
Moderate | CVE-2021-21412 was published for @thi.ng/egf (npm) Apr 6, 2021
Arbitrary Command Injection in portprocesses
Moderate | CVE-2021-23348 was published for portprocesses (npm) Apr 6, 2021
A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series...
Moderate | Unreviewed | CVE-2018-0122 was published May 13, 2022