Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,695
Maven
5,000+
npm
4,321
NuGet
761
pip
4,098
Pub
12
RubyGems
958
Rust
1,063
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

499 advisories

Loading
Multiple vulnerabilities in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an... Moderate Unreviewed
CVE-2019-1960 was published May 24, 2022
An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is... Moderate Unreviewed
CVE-2019-14337 was published May 24, 2022
The fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to... Moderate Unreviewed
CVE-2012-4108 was published May 17, 2022
The DrayTek Vigor 2700 router 2.8.3 allows remote attackers to execute arbitrary JavaScript code,... Moderate Unreviewed
CVE-2013-5703 was published May 17, 2022
The commandline interface in Blue Coat Content Analysis System (CAS) 1.1 before 1.1.4.2 allows... Moderate Unreviewed
CVE-2014-2565 was published May 17, 2022
Usermin before 1.600 allows remote attackers to execute arbitrary operating-system commands via... Moderate Unreviewed
CVE-2014-3883 was published May 17, 2022
ASUS JAPAN RT-AC87U routers with firmware 3.0.0.4.378.3754 and earlier, RT-AC68U routers with... Moderate Unreviewed
CVE-2014-7269 was published May 17, 2022
The Yodobashi application 1.2.1.0 and earlier for Android allows remote attackers to execute... Moderate Unreviewed
CVE-2015-2980 was published May 17, 2022
eventapp/lib/gcloud.rb in the ISUCON5 qualifier portal (aka eventapp) web application before 2015... Moderate Unreviewed
CVE-2015-5673 was published May 17, 2022
PC-EGG pWebManager before 3.3.10, and before 2.2.2 for PHP 4.x, allows remote authenticated users... Moderate Unreviewed
CVE-2015-7774 was published May 17, 2022
An unspecified script in the web interface in Cisco Firepower Extensible Operating System 1.1(1... Moderate Unreviewed
CVE-2015-6380 was published May 17, 2022
KDDI HOME SPOT CUBE devices before 2 allow remote authenticated users to execute arbitrary OS... Moderate Unreviewed
CVE-2016-1141 was published May 17, 2022
baserCMS 3.0.2 through 3.0.8 allows remote authenticated users to execute arbitrary OS commands... Moderate Unreviewed
CVE-2015-7769 was published May 17, 2022
McAfee Enterprise Security Manager (ESM), Enterprise Security Manager/Log Manager (ESMLM), and... Moderate Unreviewed
CVE-2015-7310 was published May 17, 2022
The CLI parser in Cisco NX-OS 4.1(2)E1(1), 6.2(11b), 6.2(12), 7.2(0)ZZ(99.1), 7.2(0)ZZ(99.3), and... Moderate Unreviewed
CVE-2015-4237 was published May 17, 2022
The CLI in Cisco Prime Collaboration 9.0 and 11.0 allows local users to execute arbitrary OS... Moderate Unreviewed
CVE-2016-1320 was published May 17, 2022
A local file script in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2... Moderate Unreviewed
CVE-2015-4330 was published May 17, 2022
A vulnerability in CLI command processing in the Cisco Firepower 4100 Series Next-Generation... Moderate Unreviewed
CVE-2017-3806 was published May 17, 2022
WNC01WH firmware 1.0.0.9 and earlier allows authenticated attackers to execute arbitrary OS... Moderate Unreviewed
CVE-2017-2152 was published May 17, 2022
A vulnerability in a startup script of Cisco IOS XE Software could allow an unauthenticated... Moderate Unreviewed
CVE-2017-6606 was published May 17, 2022
Cisco TelePresence endpoints running either CE or TC software contain a vulnerability that could... Moderate Unreviewed
CVE-2016-6459 was published May 17, 2022
GigaCC OFFICE ver.2.3 and earlier allows remote attackers to execute arbitrary OS commands via... Moderate Unreviewed
CVE-2016-7844 was published May 17, 2022
delivery.php in the Passive Capture Application (PCA) web console in IBM Tealeaf CX 7.x, 8.x... Moderate Unreviewed
CVE-2013-6719 was published May 17, 2022
Infinite Automation Mango Automation 2.5.x and 2.6.x through 2.6.0 build 430 allows remote... Moderate Unreviewed
CVE-2015-7901 was published May 17, 2022
The WP-DBManager (aka Database Manager) plugin before 2.7.2 for WordPress allows remote... Moderate Unreviewed
CVE-2014-8334 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database