GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,324
Erlang: 31
GitHub Actions: 21
Go: 2,087
Maven: 5,000+
npm: 3,751
NuGet: 674
pip: 3,437
Pub: 12
RubyGems: 892
Rust: 881
Swift: 37
Unreviewed advisories
All unreviewed: 5,000+
472 advisories
A remote code execution vulnerability in Webview in Android 5.0.x before 5.0.2, 5.1.x before 5.1...
High | Unreviewed | CVE-2016-6754 was published May 17, 2022
OpenTeknik LLC OSSN OPEN SOURCE SOCIAL NETWORK v6.3 LTS was discovered to contain an HTML...
High | Unreviewed | CVE-2022-34966 was published Jul 26, 2022
Dell iDRAC7 and iDRAC8 devices with firmware before 2.40.40.40 allow authenticated users to gain...
High | Unreviewed | CVE-2016-5685 was published May 17, 2022
libmimedir allows remote attackers to execute arbitrary code via a VCF file with two NULL bytes...
High | Unreviewed | CVE-2015-3205 was published May 17, 2022
Command injection in docker-tester
High | CVE-2021-34079 was published for docker-tester (npm) Jun 3, 2022
Command injection in librenms
High | CVE-2022-29712 was published for librenms/librenms (Composer) Jun 3, 2022
Apereo Central Authentication Service (CAS) Server before 3.5.3 allows remote attackers to...
High | Unreviewed | CVE-2015-1169 was published May 17, 2022
Unspecified vulnerability in the management portal in ARRIS VAP2500 before FW08.41 allows remote...
High | Unreviewed | CVE-2014-8423 was published May 17, 2022
A vulnerability, which was classified as critical, was found in Vesta Control Panel. Affected is...
High | Unreviewed | CVE-2022-3967 was published Nov 13, 2022
PHP Object Injection vulnerability in Easy Digital Downloads plugin <= 3.0.1 at WordPress.
High | Unreviewed | CVE-2022-33900 was published Aug 23, 2022
LPAR2RRD ≤ 4.53 and ≤ 3.5 has arbitrary command injection on the application server.
High | Unreviewed | CVE-2014-4982 was published May 17, 2022
LibEtPan through 1.9.4, as used in MailCore 2 through 0.6.3 and other products, has a STARTTLS...
High | Unreviewed | CVE-2020-15953 was published May 24, 2022
Improper neutralization of special elements leaves the Eyes of Network Web application vulnerable...
High | Unreviewed | CVE-2022-38357 was published Aug 16, 2022
dustjs-linkedin vulnerable to Prototype Pollution
High | CVE-2021-4264 was published for dustjs-linkedin (npm) Dec 21, 2022
An issue was discovered in FusionAuth before 1.11.0. An authenticated user, allowed to edit e...
High | Unreviewed | CVE-2020-7799 was published May 24, 2022
IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary...
High | Unreviewed | CVE-2020-4210 was published May 24, 2022
IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary...
High | Unreviewed | CVE-2020-4213 was published May 24, 2022
IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary...
High | Unreviewed | CVE-2020-4222 was published May 24, 2022
DVR firmware in TAT-76 and TAT-77 series of products, provided by TONNET do not properly verify...
High | Unreviewed | CVE-2020-3924 was published May 24, 2022
IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary...
High | Unreviewed | CVE-2020-4211 was published May 24, 2022
IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary...
High | Unreviewed | CVE-2020-4212 was published May 24, 2022
Adobe Digital Editions versions 4.5.10 and below have a command injection vulnerability....
High | Unreviewed | CVE-2020-3760 was published May 24, 2022
A CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component (...
High | Unreviewed | CVE-2020-7475 was published May 24, 2022
CuteNews 2.0.1 allows remote authenticated attackers to execute arbitrary PHP code via...
High | Unreviewed | CVE-2020-5558 was published May 24, 2022
Zoho ManageEngine Password Manager Pro through 10.x has a CSV Excel Macro Injection vulnerability...
High | Unreviewed | CVE-2020-9347 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.