GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
949 advisories
Command injection vulnerability in EZ-Internet in Synology Router Manager (SRM) before 1.1.6-6931...
High | Unreviewed | CVE-2017-12078 was published May 13, 2022

A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local...
High | Unreviewed | CVE-2017-12341 was published May 13, 2022

A vulnerability in certain system script files that are installed at boot time on Cisco...
High | Unreviewed | CVE-2017-12352 was published May 13, 2022

A command injection vulnerability in the IDP feature of Juniper Networks Junos OS on SRX series...
High | Unreviewed | CVE-2017-2349 was published May 13, 2022

A Command Injection issue was discovered in Satel Iberia SenNet Data Logger and Electricity...
High | Unreviewed | CVE-2017-6048 was published May 13, 2022

A vulnerability in the Zero Touch Provisioning (ZTP) subsystem of the Cisco SD-WAN Solution could...
High | Unreviewed | CVE-2018-0347 was published May 13, 2022

A vulnerability in the VPN subsystem configuration in the Cisco SD-WAN Solution could allow an...
High | Unreviewed | CVE-2018-0350 was published May 13, 2022

A vulnerability in the vManage dashboard for the configuration and management service of the...
High | Unreviewed | CVE-2018-0344 was published May 13, 2022

A vulnerability in the command-line tcpdump utility in the Cisco SD-WAN Solution could allow an...
High | Unreviewed | CVE-2018-0351 was published May 13, 2022

A vulnerability in the web-based management interface of Cisco Integrated Management Controller ...
High | Unreviewed | CVE-2018-0430 was published May 13, 2022

A vulnerability in the web-based management interface of Cisco Integrated Management Controller ...
High | Unreviewed | CVE-2018-0431 was published May 13, 2022

A vulnerability in the web-based management interface of Cisco Cloud Services Platform 2100 could...
High | Unreviewed | CVE-2018-0454 was published May 13, 2022

The web-based diagnostics console in Dell EMC iDRAC6 (Monolithic versions prior to 2.91 and...
High | Unreviewed | CVE-2018-1212 was published May 13, 2022

Dell EMC iDRAC7/iDRAC8, versions prior to 2.60.60.60, and iDRAC9 versions prior to 3.21.21.21...
High | Unreviewed | CVE-2018-1244 was published May 13, 2022

The version control adapters component of TIBCO Data Virtualization (formerly known as Cisco...
High | Unreviewed | CVE-2018-5428 was published May 13, 2022

The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to...
High | Unreviewed | CVE-2019-3919 was published May 13, 2022

The Alcatel Lucent I-240W-Q GPON ONT using firmware version 3FE54567BOZJ19 is vulnerable to...
High | Unreviewed | CVE-2019-3920 was published May 13, 2022

Terminology 0.7.0 allows remote attackers to execute arbitrary commands via escape sequences that...
High | Unreviewed | CVE-2015-8971 was published May 13, 2022

Command injection vulnerability in smart.cgi in Synology DiskStation Manager (DSM) before 5.2...
High | Unreviewed | CVE-2017-15889 was published May 13, 2022

Apache Thrift Go Library Command Injection
High | CVE-2016-5397 was published for github.com/apache/thrift (Go) May 13, 2022

IBM Security Identity Manager Virtual Appliance 6.0 and 7.0 could allow a remote authenticated...
High | Unreviewed | CVE-2017-1407 was published May 13, 2022

FusionSphere OpenStack with software V100R006C00 and V100R006C10RC2 has two command injection...
High | Unreviewed | CVE-2017-2718 was published May 13, 2022

Command Injection in VIVO Vitro
High | CVE-2019-6986 was published for org.vivoweb:vitro-project (Maven) May 13, 2022

A remote code execution vulnerability exists in the way that the MSHTML engine improperly...
High | Unreviewed | CVE-2019-0541 was published May 13, 2022

sudo before version 1.8.18p1 is vulnerable to a bypass in the sudo noexec restriction if...
High | Unreviewed | CVE-2016-7076 was published May 13, 2022