GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,536
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,985
Maven 5,160
npm 3,701
NuGet 657
pip 3,326
Pub 11
RubyGems 882
Rust 836
Swift 35

Unreviewed advisories

All unreviewed 233,416

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

252 advisories

Filter by severity

Sort by

Least recently updated

Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability... Moderate Unreviewed

CVE-2022-25619 was published Mar 31, 2022

A remote authenticated arbitrary command execution vulnerability was discovered in Aruba AirWave... Moderate Unreviewed

CVE-2021-26970 was published May 24, 2022

A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy... Moderate Unreviewed

CVE-2021-34615 was published May 24, 2022

A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy... Moderate Unreviewed

CVE-2021-34616 was published May 24, 2022

A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy... Moderate Unreviewed

CVE-2021-34614 was published May 24, 2022

A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy... Moderate Unreviewed

CVE-2021-34613 was published May 24, 2022

A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy... Moderate Unreviewed

CVE-2021-34612 was published May 24, 2022

In Alpine through 2.24, untagged responses from an IMAP server are accepted before STARTTLS. Moderate Unreviewed

CVE-2021-38370 was published May 24, 2022

By executing a special command, an user with administrative rights can get access to extended... Moderate Unreviewed

CVE-2021-23861 was published Dec 9, 2021

EMC Documentum D2 version 4.5 and EMC Documentum D2 version 4.6 has a DQL Injection Vulnerability... Moderate Unreviewed

CVE-2016-9873 was published May 17, 2022

A command injection vulnerability in Juniper Networks NorthStar Controller Application prior to... Moderate Unreviewed

CVE-2017-2324 was published May 17, 2022

An issue was discovered in Tesla Motors Model S automobile, all firmware versions before version... Moderate Unreviewed

CVE-2016-9337 was published May 17, 2022

Eval injection vulnerability in xdg-utils 1.1.0 RC1, when no supported desktop environment is... Moderate Unreviewed

CVE-2014-9622 was published May 17, 2022

The management console on the Symantec Web Gateway (SWG) appliance before 5.2.2 allows remote... Moderate Unreviewed

CVE-2014-7285 was published May 17, 2022

In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible... Moderate Unreviewed

CVE-2017-6184 was published May 17, 2022

The submission service in Dovecot before 2.3.15 allows STARTTLS command injection in lib-smtp.... Moderate Unreviewed

CVE-2021-33515 was published May 24, 2022

Bugzilla before 4.0.16, 4.1.x and 4.2.x before 4.2.12, 4.3.x and 4.4.x before 4.4.7, and 5.x... Moderate Unreviewed

CVE-2014-8630 was published May 17, 2022

Watchguard XCS 9.2 and 10.0 before build 150522 allow remote authenticated users to execute... Moderate Unreviewed

CVE-2015-5453 was published May 17, 2022

Zenoss Core through 5 Beta 3 does not require a password for modifying the pager command string,... Moderate Unreviewed

CVE-2014-6260 was published May 17, 2022

cloner.functions.php in the XCloner plugin 3.1.2 for WordPress allows remote authenticated users... Moderate Unreviewed

CVE-2015-4336 was published May 17, 2022

Common LaTeX Service Interface (CLSI) before 0.1.3, as used in ShareLaTeX before 0.1.3, allows... Moderate Unreviewed

CVE-2015-0934 was published May 17, 2022

cgi-bin/iptablesgui.cgi in IPCop (aka IPCop Firewall) before 2.1.5 allows remote authenticated... Moderate Unreviewed

CVE-2013-7418 was published May 17, 2022

The web interface in BitTorrent allows remote attackers to execute arbitrary commands by... Moderate Unreviewed

CVE-2014-8515 was published May 17, 2022

A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through 19.3 (22.22.6100.0... Moderate Unreviewed

CVE-2022-40765 was published Nov 22, 2022

In GraphicsMagick before 1.3.32, the text filename component allows remote attackers to read... Moderate Unreviewed

CVE-2019-12921 was published May 24, 2022

Previous 1 2 3 4 5 … 10 11 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

252 advisories