GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,077
Erlang: 29
GitHub Actions: 19
Go: 1,903
Maven: 5,000+
npm: 3,632
NuGet: 638
pip: 3,249
Pub: 10
RubyGems: 864
Rust: 818
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
876 advisories
A vulnerability in the VPN subsystem configuration in the Cisco SD-WAN Solution could allow an...
High
Unreviewed
CVE-2018-0350
was published
May 13, 2022
A vulnerability in the command-line tcpdump utility in the Cisco SD-WAN Solution could allow an...
High
Unreviewed
CVE-2018-0351
was published
May 13, 2022
A vulnerability in the web-based management interface of Cisco Integrated Management Controller ...
High
Unreviewed
CVE-2018-0430
was published
May 13, 2022
A vulnerability in the web-based management interface of Cisco Integrated Management Controller ...
High
Unreviewed
CVE-2018-0431
was published
May 13, 2022
A vulnerability in the web-based management interface of Cisco Cloud Services Platform 2100 could...
High
Unreviewed
CVE-2018-0454
was published
May 13, 2022
The web-based diagnostics console in Dell EMC iDRAC6 (Monolithic versions prior to 2.91 and...
High
Unreviewed
CVE-2018-1212
was published
May 13, 2022
Dell EMC iDRAC7/iDRAC8, versions prior to 2.60.60.60, and iDRAC9 versions prior to 3.21.21.21...
High
Unreviewed
CVE-2018-1244
was published
May 13, 2022
The version control adapters component of TIBCO Data Virtualization (formerly known as Cisco...
High
Unreviewed
CVE-2018-5428
was published
May 13, 2022
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to...
High
Unreviewed
CVE-2019-3919
was published
May 13, 2022
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to...
High
Unreviewed
CVE-2019-3920
was published
May 13, 2022
Terminology 0.7.0 allows remote attackers to execute arbitrary commands via escape sequences that...
High
Unreviewed
CVE-2015-8971
was published
May 13, 2022
Command injection vulnerability in smart.cgi in Synology DiskStation Manager (DSM) before 5.2...
High
Unreviewed
CVE-2017-15889
was published
May 13, 2022
IBM Security Identity Manager Virtual Appliance 6.0 and 7.0 could allow a remote authenticated...
High
Unreviewed
CVE-2017-1407
was published
May 13, 2022
FusionSphere OpenStack with software V100R006C00 and V100R006C10RC2 has two command injection...
High
Unreviewed
CVE-2017-2718
was published
May 13, 2022
A remote code execution vulnerability exists in the way that the MSHTML engine improperly...
High
Unreviewed
CVE-2019-0541
was published
May 13, 2022
sudo before version 1.8.18p1 is vulnerable to a bypass in the sudo noexec restriction if...
High
Unreviewed
CVE-2016-7076
was published
May 13, 2022
A vulnerability in the local CLI of the Cisco SD-WAN Solution could allow an authenticated, local...
High
Unreviewed
CVE-2019-1646
was published
May 13, 2022
GParted before 0.15.0 allows local users to execute arbitrary commands with root privileges via...
High
Unreviewed
CVE-2014-7208
was published
May 13, 2022
rssh version 2.3.4 contains a CWE-77: Improper Neutralization of Special Elements used in a...
High
Unreviewed
CVE-2019-1000018
was published
May 13, 2022
Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary code.
High
Unreviewed
CVE-2014-9114
was published
May 13, 2022
The handle_certificate function in /vmi/manager/engine/management/commands/apns_worker.py in...
High
Unreviewed
CVE-2016-6270
was published
May 13, 2022
Apache OpenOffice before 4.1.1 allows remote attackers to execute arbitrary commands and possibly...
High
Unreviewed
CVE-2014-3524
was published
May 13, 2022
An exploitable command injection vulnerability exists in the web management interface used by the...
High
Unreviewed
CVE-2017-2832
was published
May 13, 2022
An exploitable command injection vulnerability exists in the web management interface used by the...
High
Unreviewed
CVE-2017-2833
was published
May 13, 2022
An exploitable command execution vulnerability exists in Information Builders WebFOCUS Business...
High
Unreviewed
CVE-2016-9044
was published
May 13, 2022
ProTip! Advisories are also available from the GraphQL API.