Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

876 advisories

Loading
A vulnerability in the VPN subsystem configuration in the Cisco SD-WAN Solution could allow an... High Unreviewed
CVE-2018-0350 was published May 13, 2022
A vulnerability in the command-line tcpdump utility in the Cisco SD-WAN Solution could allow an... High Unreviewed
CVE-2018-0351 was published May 13, 2022
A vulnerability in the web-based management interface of Cisco Integrated Management Controller ... High Unreviewed
CVE-2018-0430 was published May 13, 2022
A vulnerability in the web-based management interface of Cisco Integrated Management Controller ... High Unreviewed
CVE-2018-0431 was published May 13, 2022
A vulnerability in the web-based management interface of Cisco Cloud Services Platform 2100 could... High Unreviewed
CVE-2018-0454 was published May 13, 2022
The web-based diagnostics console in Dell EMC iDRAC6 (Monolithic versions prior to 2.91 and... High Unreviewed
CVE-2018-1212 was published May 13, 2022
Dell EMC iDRAC7/iDRAC8, versions prior to 2.60.60.60, and iDRAC9 versions prior to 3.21.21.21... High Unreviewed
CVE-2018-1244 was published May 13, 2022
The version control adapters component of TIBCO Data Virtualization (formerly known as Cisco... High Unreviewed
CVE-2018-5428 was published May 13, 2022
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to... High Unreviewed
CVE-2019-3919 was published May 13, 2022
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to... High Unreviewed
CVE-2019-3920 was published May 13, 2022
Terminology 0.7.0 allows remote attackers to execute arbitrary commands via escape sequences that... High Unreviewed
CVE-2015-8971 was published May 13, 2022
Command injection vulnerability in smart.cgi in Synology DiskStation Manager (DSM) before 5.2... High Unreviewed
CVE-2017-15889 was published May 13, 2022
IBM Security Identity Manager Virtual Appliance 6.0 and 7.0 could allow a remote authenticated... High Unreviewed
CVE-2017-1407 was published May 13, 2022
FusionSphere OpenStack with software V100R006C00 and V100R006C10RC2 has two command injection... High Unreviewed
CVE-2017-2718 was published May 13, 2022
A remote code execution vulnerability exists in the way that the MSHTML engine inproperly... High Unreviewed
CVE-2019-0541 was published May 13, 2022
sudo before version 1.8.18p1 is vulnerable to a bypass in the sudo noexec restriction if... High Unreviewed
CVE-2016-7076 was published May 13, 2022
A vulnerability in the local CLI of the Cisco SD-WAN Solution could allow an authenticated, local... High Unreviewed
CVE-2019-1646 was published May 13, 2022
GParted before 0.15.0 allows local users to execute arbitrary commands with root privileges via... High Unreviewed
CVE-2014-7208 was published May 13, 2022
rssh version 2.3.4 contains a CWE-77: Improper Neutralization of Special Elements used in a... High Unreviewed
CVE-2019-1000018 was published May 13, 2022
Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary code. High Unreviewed
CVE-2014-9114 was published May 13, 2022
The handle_certificate function in /vmi/manager/engine/management/commands/apns_worker.py in... High Unreviewed
CVE-2016-6270 was published May 13, 2022
Apache OpenOffice before 4.1.1 allows remote attackers to execute arbitrary commands and possibly... High Unreviewed
CVE-2014-3524 was published May 13, 2022
An exploitable command injection vulnerability exists in the web management interface used by the... High Unreviewed
CVE-2017-2832 was published May 13, 2022
An exploitable command injection vulnerability exists in the web management interface used by the... High Unreviewed
CVE-2017-2833 was published May 13, 2022
An exploitable command execution vulnerability exists in Information Builders WebFOCUS Business... High Unreviewed
CVE-2016-9044 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API