GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,285
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,741
NuGet
668
pip
3,422
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+
374 advisories
Filter by severity
OS Command Injection in mversion
Moderate
CVE-2020-7688
was published
for
mversion
(npm)
May 17, 2021
OS Command Injection in ng-packagr
Moderate
CVE-2020-7735
was published
for
ng-packagr
(npm)
May 7, 2021
Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3,...
Moderate
Unreviewed
CVE-2018-1242
was published
May 13, 2022
OS Command injection in docker-cli-js
Moderate
CVE-2021-23732
was published
for
docker-cli-js
(npm)
Dec 2, 2021
•
withdrawn
ELECOM LAN routers (WRH-733GBK firmware v1.02.9 and prior and WRH-733GWH firmware v1.02.9 and...
Moderate
Unreviewed
CVE-2021-20853
was published
Dec 2, 2021
ELECOM LAN routers (WRH-733GBK firmware v1.02.9 and prior and WRH-733GWH firmware v1.02.9 and...
Moderate
Unreviewed
CVE-2021-20854
was published
Dec 2, 2021
Grandstream GWN7000 before 1.0.6.32 and GWN7610 before 1.0.8.18 devices allow remote...
Moderate
Unreviewed
CVE-2019-10657
was published
May 13, 2022
The Pulse Secure Desktop (macOS) 5.3RX before 5.3R5 and 9.0R1 has a Privilege Escalation...
Moderate
Unreviewed
CVE-2018-15726
was published
May 13, 2022
A vulnerability in the CLI of Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100...
Moderate
Unreviewed
CVE-2017-6602
was published
May 13, 2022
programs/pluto/xauth.c in the client in Openswan 2.6.26 through 2.6.28 allows remote...
Moderate
Unreviewed
CVE-2010-3753
was published
May 14, 2022
programs/pluto/xauth.c in the client in Openswan 2.6.25 through 2.6.28 allows remote...
Moderate
Unreviewed
CVE-2010-3752
was published
May 14, 2022
/usr/local/cm/bin/pktCap_protectData in Cisco Unified Communications Manager (aka CUCM, formerly...
Moderate
Unreviewed
CVE-2010-3039
was published
May 14, 2022
The WP-DBManager (aka Database Manager) plugin before 2.7.2 for WordPress allows remote...
Moderate
Unreviewed
CVE-2014-8334
was published
May 14, 2022
Infinite Automation Mango Automation 2.5.x and 2.6.x through 2.6.0 build 430 allows remote...
Moderate
Unreviewed
CVE-2015-7901
was published
May 17, 2022
delivery.php in the Passive Capture Application (PCA) web console in IBM Tealeaf CX 7.x, 8.x...
Moderate
Unreviewed
CVE-2013-6719
was published
May 17, 2022
Command injection in github.com/google/fscrypt
Moderate
CVE-2022-25328
was published
for
github.com/google/fscrypt
(Go)
Feb 26, 2022
Zoho ManageEngine Asset Explorer 6.5 does not validate the System Center Configuration Manager ...
Moderate
Unreviewed
CVE-2019-19034
was published
May 24, 2022
Command injection in Rancher Git package
Moderate
CVE-2022-43758
was published
for
github.com/rancher/rancher
(Go)
Jan 25, 2023
In cmd services, there is a OS command injection issue due to missing permission check. This...
Moderate
Unreviewed
CVE-2022-47339
was published
Feb 12, 2023
A vulnerability in the CLI of Cisco Firepower 4100 Series, Cisco Firepower 9300 Security...
Moderate
Unreviewed
CVE-2023-20015
was published
Feb 23, 2023
An issue was discovered in Xen through 4.12.x allowing attackers to gain host OS privileges via...
Moderate
Unreviewed
CVE-2019-18424
was published
May 24, 2022
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected...
Moderate
Unreviewed
CVE-2022-43624
was published
Mar 29, 2023
ProTip!
Advisories are also available from the
GraphQL API