Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,984
Erlang
29
GitHub Actions
16
Go
1,771
Maven
4,995
npm
3,541
NuGet
617
pip
3,117
Pub
10
RubyGems
838
Rust
788
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

815 advisories

Loading
IBM QRadar SIEM 7.1 MR2 before Patch 11 IF02 and 7.2.x before 7.2.5 Patch 4 allows remote... High Unreviewed
CVE-2015-4930 was published May 17, 2022
IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x through 9.5 before p700, and... High Unreviewed
CVE-2016-0236 was published May 17, 2022
IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x through 9.5 before p700, and... High Unreviewed
CVE-2016-0328 was published May 17, 2022
IBM Security QRadar SIEM 7.1.x and 7.2.x before 7.2.7 allows remote authenticated users to... High Unreviewed
CVE-2016-2875 was published May 17, 2022
IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1.x before 4.1.1.2 and... High Unreviewed
CVE-2015-4974 was published May 17, 2022
IBM Rational Quality Manager (RQM) and Rational Collaborative Lifecycle Management 3.0.1.6 before... High Unreviewed
CVE-2016-0326 was published May 17, 2022
The management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0... High Unreviewed
CVE-2015-6547 was published May 17, 2022
The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to... High Unreviewed
CVE-2015-1986 was published May 17, 2022
The portal in IBM Tivoli Monitoring (ITM) 6.2.2 through FP9, 6.2.3 through FP5, and 6.3.0 before... High Unreviewed
CVE-2015-5003 was published May 17, 2022
The Management Interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler... High Unreviewed
CVE-2015-5080 was published May 17, 2022
An issue was discovered in Pivotal Greenplum before 4.3.10.0. Creation of external tables using... High Unreviewed
CVE-2016-6656 was published May 17, 2022
Improper neutralization of special elements used in a user input allows an authenticated... High Unreviewed
CVE-2022-2323 was published Jul 30, 2022
Realtek rtl819x-SDK before v3.6.1 allows command injection over the web interface. High Unreviewed
CVE-2022-29558 was published Jul 29, 2022
Endian Firewall before 3.0 allows remote attackers to execute arbitrary commands via shell... High Unreviewed
CVE-2015-5082 was published May 17, 2022
The Parental Control panel in Genexis devices with DRGOS before 1.14.1 allows remote... High Unreviewed
CVE-2015-3441 was published May 17, 2022
Unsanitized input when setting a locale file leads to shell injection in mIPC camera firmware 5.3... High Unreviewed
CVE-2022-40785 was published Sep 27, 2022
BitTorrent Sync allows remote attackers to execute arbitrary commands via a crafted btsync: link. High Unreviewed
CVE-2015-2846 was published May 17, 2022
D-Link DSL-3782 v1.03 and below was discovered to contain a command injection vulnerability via... High Unreviewed
CVE-2022-34527 was published Jul 30, 2022
The remove_bad_chars function in utils/cups-browsed.c in cups-filters before 1.0.66 allows remote... High Unreviewed
CVE-2015-2265 was published May 17, 2022
The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to... High Unreviewed
CVE-2015-1949 was published May 17, 2022
The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to... High Unreviewed
CVE-2015-1938 was published May 17, 2022
EMC RecoverPoint versions before 4.4.1.1 and EMC RecoverPoint for Virtual Machines versions... High Unreviewed
CVE-2016-6649 was published May 17, 2022
A command-injection vulnerability exists in a web application on a custom-built GoAhead web... High Unreviewed
CVE-2017-5675 was published May 17, 2022
Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 was discovered to contain a command... High Unreviewed
CVE-2022-34538 was published Jul 20, 2022
The allow_execmod plugin for setroubleshoot before 3.2.23 allows local users to execute arbitrary... High Unreviewed
CVE-2016-4444 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API