GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
  All reviewed: 5,000+
  Composer: 4,968
  Erlang: 39
  GitHub Actions: 38
  Go: 2,616
  Maven: 5,000+
  npm: 4,255
  NuGet: 760
  pip: 4,040
  Pub: 12
  RubyGems: 953
  Rust: 1,050
  Swift: 45
Unreviewed advisories
  All unreviewed: 5,000+

539 advisories
                    
Command Injection Vulnerability in systeminformation
Moderate | CVE-2020-26274 was published for systeminformation (npm) Dec 16, 2020
                    
Command injection in codecov (npm package)
Moderate | CVE-2020-15123 was published for codecov (npm) Jul 20, 2020
                    
Prototype Pollution in systeminformation
Moderate | CVE-2020-26245 was published for systeminformation (npm) Nov 27, 2020
                    
OS Command Injection in node-notifier
Moderate | CVE-2020-7789 was published for node-notifier (npm) Dec 21, 2020
                    
Arbitrary Command Injection due to Improper Command Sanitization
Moderate | GHSA-hxwm-x553-x359 was published for @npmcli/git (npm) Aug 5, 2021
                    
react-dev-utils OS Command Injection in function `getProcessForPort`
Moderate | CVE-2021-24033 was published for react-dev-utils (npm) Mar 11, 2021
                    
A remote authenticated SQL Injection vulnerability was discovered in Aruba ClearPass Policy...
Moderate | Unreviewed | CVE-2021-26685 was published May 24, 2022
                    
Cisco TelePresence endpoints running either CE or TC software contain a vulnerability that could...
Moderate | Unreviewed | CVE-2016-6459 was published May 17, 2022
                    
A vulnerability in a startup script of Cisco IOS XE Software could allow an unauthenticated...
Moderate | Unreviewed | CVE-2017-6606 was published May 17, 2022
                    
A vulnerability in CLI command processing in the Cisco Firepower 4100 Series Next-Generation...
Moderate | Unreviewed | CVE-2017-3806 was published May 17, 2022
                    
WNC01WH firmware 1.0.0.9 and earlier allows authenticated attackers to execute arbitrary OS...
Moderate | Unreviewed | CVE-2017-2152 was published May 17, 2022
                    
Dell EMC PowerStore, contains an OS command injection Vulnerability. A locally authenticated...
Moderate | Unreviewed | CVE-2022-22555 was published Jul 22, 2022
                    
IBM CICS TX 11.1 could allow an attacker with physical access to the system to execute code...
Moderate | Unreviewed | CVE-2022-33955 was published Aug 2, 2022
                    
McAfee Enterprise Security Manager (ESM), Enterprise Security Manager/Log Manager (ESMLM), and...
Moderate | Unreviewed | CVE-2015-7310 was published May 17, 2022
                    
A local file script in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2...
Moderate | Unreviewed | CVE-2015-4330 was published May 17, 2022
                    
A vulnerability in the self-healing functionality of Cisco IOS XE Software for Embedded Wireless...
Moderate | Unreviewed | CVE-2022-20855 was published Oct 1, 2022
                    
OCS Inventory NG 2.7 allows Remote Command Execution via shell metacharacters to require...
Moderate | Unreviewed | CVE-2020-14947 was published May 24, 2022
                    
baserCMS 3.0.2 through 3.0.8 allows remote authenticated users to execute arbitrary OS commands...
Moderate | Unreviewed | CVE-2015-7769 was published May 17, 2022
                    
KDDI HOME SPOT CUBE devices before 2 allow remote authenticated users to execute arbitrary OS...
Moderate | Unreviewed | CVE-2016-1141 was published May 17, 2022
                    
An unspecified script in the web interface in Cisco Firepower Extensible Operating System 1.1(1...
Moderate | Unreviewed | CVE-2015-6380 was published May 17, 2022
                    
eventapp/lib/gcloud.rb in the ISUCON5 qualifier portal (aka eventapp) web application before 2015...
Moderate | Unreviewed | CVE-2015-5673 was published May 17, 2022
                    
ASUS JAPAN RT-AC87U routers with firmware 3.0.0.4.378.3754 and earlier, RT-AC68U routers with...
Moderate | Unreviewed | CVE-2014-7269 was published May 17, 2022
                    
Usermin before 1.600 allows remote attackers to execute arbitrary operating-system commands via...
Moderate | Unreviewed | CVE-2014-3883 was published May 17, 2022
                    
The commandline interface in Blue Coat Content Analysis System (CAS) 1.1 before 1.1.4.2 allows...
Moderate | Unreviewed | CVE-2014-2565 was published May 17, 2022
        
ProTip! Advisories are also available from the GraphQL API