Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,972
Erlang
29
GitHub Actions
16
Go
1,762
Maven
4,983
npm
3,518
NuGet
609
pip
3,094
Pub
10
RubyGems
833
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

949 advisories

Loading
Command injection vulnerability in EZ-Internet in Synology Router Manager (SRM) before 1.1.6-6931... High Unreviewed
CVE-2017-12078 was published May 13, 2022
A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local... High Unreviewed
CVE-2017-12341 was published May 13, 2022
A vulnerability in certain system script files that are installed at boot time on Cisco... High Unreviewed
CVE-2017-12352 was published May 13, 2022
A command injection vulnerability in the IDP feature of Juniper Networks Junos OS on SRX series... High Unreviewed
CVE-2017-2349 was published May 13, 2022
A Command Injection issue was discovered in Satel Iberia SenNet Data Logger and Electricity... High Unreviewed
CVE-2017-6048 was published May 13, 2022
A vulnerability in the Zero Touch Provisioning (ZTP) subsystem of the Cisco SD-WAN Solution could... High Unreviewed
CVE-2018-0347 was published May 13, 2022
A vulnerability in the VPN subsystem configuration in the Cisco SD-WAN Solution could allow an... High Unreviewed
CVE-2018-0350 was published May 13, 2022
A vulnerability in the vManage dashboard for the configuration and management service of the... High Unreviewed
CVE-2018-0344 was published May 13, 2022
A vulnerability in the command-line tcpdump utility in the Cisco SD-WAN Solution could allow an... High Unreviewed
CVE-2018-0351 was published May 13, 2022
A vulnerability in the web-based management interface of Cisco Integrated Management Controller ... High Unreviewed
CVE-2018-0430 was published May 13, 2022
A vulnerability in the web-based management interface of Cisco Integrated Management Controller ... High Unreviewed
CVE-2018-0431 was published May 13, 2022
A vulnerability in the web-based management interface of Cisco Cloud Services Platform 2100 could... High Unreviewed
CVE-2018-0454 was published May 13, 2022
The web-based diagnostics console in Dell EMC iDRAC6 (Monolithic versions prior to 2.91 and... High Unreviewed
CVE-2018-1212 was published May 13, 2022
Dell EMC iDRAC7/iDRAC8, versions prior to 2.60.60.60, and iDRAC9 versions prior to 3.21.21.21... High Unreviewed
CVE-2018-1244 was published May 13, 2022
The version control adapters component of TIBCO Data Virtualization (formerly known as Cisco... High Unreviewed
CVE-2018-5428 was published May 13, 2022
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to... High Unreviewed
CVE-2019-3919 was published May 13, 2022
The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to... High Unreviewed
CVE-2019-3920 was published May 13, 2022
Terminology 0.7.0 allows remote attackers to execute arbitrary commands via escape sequences that... High Unreviewed
CVE-2015-8971 was published May 13, 2022
Command injection vulnerability in smart.cgi in Synology DiskStation Manager (DSM) before 5.2... High Unreviewed
CVE-2017-15889 was published May 13, 2022
Apache Thrift Go Library Command Injection High
CVE-2016-5397 was published for github.com/apache/thrift (Go) May 13, 2022
IBM Security Identity Manager Virtual Appliance 6.0 and 7.0 could allow a remote authenticated... High Unreviewed
CVE-2017-1407 was published May 13, 2022
FusionSphere OpenStack with software V100R006C00 and V100R006C10RC2 has two command injection... High Unreviewed
CVE-2017-2718 was published May 13, 2022
Command Injection in VIVO Vitro High
CVE-2019-6986 was published for org.vivoweb:vitro-project (Maven) May 13, 2022
A remote code execution vulnerability exists in the way that the MSHTML engine inproperly... High Unreviewed
CVE-2019-0541 was published May 13, 2022
sudo before version 1.8.18p1 is vulnerable to a bypass in the sudo noexec restriction if... High Unreviewed
CVE-2016-7076 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API