GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
815 advisories
IBM QRadar SIEM 7.1 MR2 before Patch 11 IF02 and 7.2.x before 7.2.5 Patch 4 allows remote...
High | Unreviewed | CVE-2015-4930 was published May 17, 2022
IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x through 9.5 before p700, and...
High | Unreviewed | CVE-2016-0236 was published May 17, 2022
IBM Security Guardium Database Activity Monitor 8.2 before p310, 9.x through 9.5 before p700, and...
High | Unreviewed | CVE-2016-0328 was published May 17, 2022
IBM Security QRadar SIEM 7.1.x and 7.2.x before 7.2.7 allows remote authenticated users to...
High | Unreviewed | CVE-2016-2875 was published May 17, 2022
IBM General Parallel File System (GPFS) 3.5.x before 3.5.0.27 and 4.1.x before 4.1.1.2 and...
High | Unreviewed | CVE-2015-4974 was published May 17, 2022
IBM Rational Quality Manager (RQM) and Rational Collaborative Lifecycle Management 3.0.1.6 before...
High | Unreviewed | CVE-2016-0326 was published May 17, 2022
The management console on Symantec Web Gateway (SWG) appliances with software before 5.2.2 DB 5.0...
High | Unreviewed | CVE-2015-6547 was published May 17, 2022
The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to...
High | Unreviewed | CVE-2015-1986 was published May 17, 2022
The portal in IBM Tivoli Monitoring (ITM) 6.2.2 through FP9, 6.2.3 through FP5, and 6.3.0 before...
High | Unreviewed | CVE-2015-5003 was published May 17, 2022
The Management Interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler...
High | Unreviewed | CVE-2015-5080 was published May 17, 2022
An issue was discovered in Pivotal Greenplum before 4.3.10.0. Creation of external tables using...
High | Unreviewed | CVE-2016-6656 was published May 17, 2022
Improper neutralization of special elements used in a user input allows an authenticated...
High | Unreviewed | CVE-2022-2323 was published Jul 30, 2022
Realtek rtl819x-SDK before v3.6.1 allows command injection over the web interface.
High | Unreviewed | CVE-2022-29558 was published Jul 29, 2022
Endian Firewall before 3.0 allows remote attackers to execute arbitrary commands via shell...
High | Unreviewed | CVE-2015-5082 was published May 17, 2022
The Parental Control panel in Genexis devices with DRGOS before 1.14.1 allows remote...
High | Unreviewed | CVE-2015-3441 was published May 17, 2022
Unsanitized input when setting a locale file leads to shell injection in mIPC camera firmware 5.3...
High | Unreviewed | CVE-2022-40785 was published Sep 27, 2022
BitTorrent Sync allows remote attackers to execute arbitrary commands via a crafted btsync: link.
High | Unreviewed | CVE-2015-2846 was published May 17, 2022
D-Link DSL-3782 v1.03 and below was discovered to contain a command injection vulnerability via...
High | Unreviewed | CVE-2022-34527 was published Jul 30, 2022
The remove_bad_chars function in utils/cups-browsed.c in cups-filters before 1.0.66 allows remote...
High | Unreviewed | CVE-2015-2265 was published May 17, 2022
The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to...
High | Unreviewed | CVE-2015-1949 was published May 17, 2022
The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to...
High | Unreviewed | CVE-2015-1938 was published May 17, 2022
EMC RecoverPoint versions before 4.4.1.1 and EMC RecoverPoint for Virtual Machines versions...
High | Unreviewed | CVE-2016-6649 was published May 17, 2022
A command-injection vulnerability exists in a web application on a custom-built GoAhead web...
High | Unreviewed | CVE-2017-5675 was published May 17, 2022
Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 was discovered to contain a command...
High | Unreviewed | CVE-2022-34538 was published Jul 20, 2022
The allow_execmod plugin for setroubleshoot before 3.2.23 allows local users to execute arbitrary...
High | Unreviewed | CVE-2016-4444 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API.