GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
388 advisories
The node_process_command function in Zabbix Server before 1.8 allows remote attackers to execute...
Moderate
Unreviewed
CVE-2009-4498
was published
May 2, 2022
Untrusted search path vulnerability in dash 0.5.4, when used as a login shell, allows local users...
Moderate
Unreviewed
CVE-2009-0854
was published
May 2, 2022
OS Command Injection in export.php (vulnerable function called from include/functions-article.php...
Moderate
Unreviewed
CVE-2020-10390
was published
May 24, 2022
Untrusted search path vulnerability in GTK2 in OpenSUSE 11.0 and 11.1 allows local users to...
Moderate
Unreviewed
CVE-2009-0848
was published
May 2, 2022
Unspecified vulnerability in Sun Solaris 8 directory functions allows local users to cause a...
Moderate
Unreviewed
CVE-2008-1115
was published
May 1, 2022
Multiple argument injection vulnerabilities in Mozilla Firefox 2.0.0.5 and 3.0alpha allow remote...
Moderate
Unreviewed
CVE-2007-4041
was published
May 1, 2022
A certain ActiveX control in PDWizard.ocx 6.0.0.9782 and earlier in Microsoft Visual Studio 6.0...
Moderate
Unreviewed
CVE-2007-4891
was published
May 1, 2022
SAP GUI allows an authenticated attacker to execute scripts in the local network. On successful...
Moderate
Unreviewed
CVE-2022-41205
was published
Nov 9, 2022
nbmember.cgi in Netbilling 2.0 allows remote attackers to obtain sensitive information via the...
Moderate
Unreviewed
CVE-2004-2732
was published
Apr 29, 2022
Dell NetWorker, versions 18.x and 19.x contain an Information disclosure vulnerability. A...
Moderate
Unreviewed
CVE-2021-21570
was published
May 24, 2022
Improper neutralization of special elements in the SMA100 management interface allows a remote...
Moderate
Unreviewed
CVE-2021-20035
was published
May 24, 2022
Dell NetWorker, versions 18.x and 19.x contain a Path traversal vulnerability. A NetWorker server...
Moderate
Unreviewed
CVE-2021-21569
was published
May 24, 2022
Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local...
Moderate
Unreviewed
CVE-2021-34721
was published
May 24, 2022
A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure ...
Moderate
Unreviewed
CVE-2021-1584
was published
May 24, 2022
A vulnerability in the CLI of Cisco FXOS Software could allow an authenticated, local attacker to...
Moderate
Unreviewed
CVE-2022-20865
was published
Aug 26, 2022
Dell EMC PowerScale OneFS versions 8.2.x - 9.2.1.x contain an OS command injection vulnerability....
Moderate
Unreviewed
CVE-2021-21599
was published
May 24, 2022
There is a command injection vulnerability in the HG8045Q product. When the command-line...
Moderate
Unreviewed
CVE-2021-37028
was published
May 24, 2022
CODESYS V2 runtime system SP before 2.4.7.55 has Improper Neutralization of Special Elements used...
Moderate
Unreviewed
CVE-2021-30187
was published
May 24, 2022
XStream is vulnerable to a Remote Command Execution attack
Moderate
CVE-2021-21345
was published
for
com.thoughtworks.xstream:xstream
(Maven)
Mar 22, 2021
A command injection vulnerability has been reported to affect certain versions of Malware Remover...
Moderate
Unreviewed
CVE-2020-36198
was published
May 24, 2022
A command injection vulnerability in install package validation subsystem of Juniper Networks...
Moderate
Unreviewed
CVE-2021-0219
was published
May 24, 2022
Philips Interventional Workspot (Release 1.3.2, 1.4.0, 1.4.1, 1.4.3, 1.4.5), Coronary Tools...
Moderate
Unreviewed
CVE-2020-27298
was published
May 24, 2022
Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker with an administrative...
Moderate
Unreviewed
CVE-2020-5636
was published
May 24, 2022
Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option,...
Moderate
Unreviewed
CVE-2020-17367
was published
May 24, 2022
D-Link DSL-7740C does not properly validate user input, which allows an authenticated LAN user to...
Moderate
Unreviewed
CVE-2020-12774
was published
May 24, 2022