GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
373 advisories
Filter by severity
Command Injection Vulnerability in systeminformation
Moderate
CVE-2020-26274
was published
for
systeminformation
(npm)
Dec 16, 2020
Command injection in codecov (npm package)
Moderate
CVE-2020-15123
was published
for
codecov
(npm)
Jul 20, 2020
Prototype Pollution in systeminformation
Moderate
CVE-2020-26245
was published
for
systeminformation
(npm)
Nov 27, 2020
OS Command Injection in node-notifier
Moderate
CVE-2020-7789
was published
for
node-notifier
(npm)
Dec 21, 2020
Arbitrary Command Injection due to Improper Command Sanitization
Moderate
GHSA-hxwm-x553-x359
was published
for
@npmcli/git
(npm)
Aug 5, 2021
lib/ajaxHandlers/ajaxAddTemplate.php in rConfig through 3.94 allows remote attackers to execute...
Moderate
Unreviewed
CVE-2020-10221
was published
May 24, 2022
react-dev-utils OS Command Injection in function `getProcessForPort`
Moderate
CVE-2021-24033
was published
for
react-dev-utils
(npm)
Mar 11, 2021
A remote authenticated SQL Injection vulnerabilitiy was discovered in Aruba ClearPass Policy...
Moderate
Unreviewed
CVE-2021-26685
was published
May 24, 2022
GigaCC OFFICE ver.2.3 and earlier allows remote attackers to execute arbitrary OS commands via...
Moderate
Unreviewed
CVE-2016-7844
was published
May 17, 2022
Cisco TelePresence endpoints running either CE or TC software contain a vulnerability that could...
Moderate
Unreviewed
CVE-2016-6459
was published
May 17, 2022
A vulnerability in a startup script of Cisco IOS XE Software could allow an unauthenticated...
Moderate
Unreviewed
CVE-2017-6606
was published
May 17, 2022
A vulnerability in CLI command processing in the Cisco Firepower 4100 Series Next-Generation...
Moderate
Unreviewed
CVE-2017-3806
was published
May 17, 2022
WNC01WH firmware 1.0.0.9 and earlier allows authenticated attackers to execute arbitrary OS...
Moderate
Unreviewed
CVE-2017-2152
was published
May 17, 2022
Dell EMC PowerStore, contains an OS command injection Vulnerability. A locally authenticated...
Moderate
Unreviewed
CVE-2022-22555
was published
Jul 22, 2022
IBM CICS TX 11.1 could allow allow an attacker with physical access to the system to execute code...
Moderate
Unreviewed
CVE-2022-33955
was published
Aug 2, 2022
Buffalo network devices WSR-3200AX4S firmware Ver. 1.26 and earlier, WSR-3200AX4B firmware Ver. 1...
Moderate
Unreviewed
CVE-2022-43466
was published
Dec 19, 2022
McAfee Enterprise Security Manager (ESM), Enterprise Security Manager/Log Manager (ESMLM), and...
Moderate
Unreviewed
CVE-2015-7310
was published
May 17, 2022
A local file script in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2...
Moderate
Unreviewed
CVE-2015-4330
was published
May 17, 2022
A vulnerability in the self-healing functionality of Cisco IOS XE Software for Embedded Wireless...
Moderate
Unreviewed
CVE-2022-20855
was published
Oct 1, 2022
OCS Inventory NG 2.7 allows Remote Command Execution via shell metacharacters to require...
Moderate
Unreviewed
CVE-2020-14947
was published
May 24, 2022
baserCMS 3.0.2 through 3.0.8 allows remote authenticated users to execute arbitrary OS commands...
Moderate
Unreviewed
CVE-2015-7769
was published
May 17, 2022
KDDI HOME SPOT CUBE devices before 2 allow remote authenticated users to execute arbitrary OS...
Moderate
Unreviewed
CVE-2016-1141
was published
May 17, 2022
An unspecified script in the web interface in Cisco Firepower Extensible Operating System 1.1(1...
Moderate
Unreviewed
CVE-2015-6380
was published
May 17, 2022
PC-EGG pWebManager before 3.3.10, and before 2.2.2 for PHP 4.x, allows remote authenticated users...
Moderate
Unreviewed
CVE-2015-7774
was published
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API