Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,356
Erlang
33
GitHub Actions
22
Go
2,121
Maven
5,000+
npm
3,783
NuGet
683
pip
3,465
Pub
12
RubyGems
893
Rust
892
Swift
38
Unreviewed advisories
All unreviewed
5,000+

388 advisories

Loading
A vulnerability in CLI command processing in the Cisco Firepower 4100 Series Next-Generation... Moderate Unreviewed
CVE-2017-3806 was published May 17, 2022
A vulnerability in a startup script of Cisco IOS XE Software could allow an unauthenticated... Moderate Unreviewed
CVE-2017-6606 was published May 17, 2022
Cisco TelePresence endpoints running either CE or TC software contain a vulnerability that could... Moderate Unreviewed
CVE-2016-6459 was published May 17, 2022
GigaCC OFFICE ver.2.3 and earlier allows remote attackers to execute arbitrary OS commands via... Moderate Unreviewed
CVE-2016-7844 was published May 17, 2022
A remote authenticated SQL Injection vulnerabilitiy was discovered in Aruba ClearPass Policy... Moderate Unreviewed
CVE-2021-26685 was published May 24, 2022
react-dev-utils OS Command Injection in function `getProcessForPort` Moderate
CVE-2021-24033 was published for react-dev-utils (npm) Mar 11, 2021
lib/ajaxHandlers/ajaxAddTemplate.php in rConfig through 3.94 allows remote attackers to execute... Moderate Unreviewed
CVE-2020-10221 was published May 24, 2022
Code injection in npm git Moderate
CVE-2021-23632 was published for git (npm) Mar 18, 2022
Arbitrary Command Injection due to Improper Command Sanitization Moderate
GHSA-hxwm-x553-x359 was published for @npmcli/git (npm) Aug 5, 2021
tyage
OS Command Injection in node-notifier Moderate
CVE-2020-7789 was published for node-notifier (npm) Dec 21, 2020
Prototype Pollution in systeminformation Moderate
CVE-2020-26245 was published for systeminformation (npm) Nov 27, 2020
Command injection in codecov (npm package) Moderate
CVE-2020-15123 was published for codecov (npm) Jul 20, 2020
Command Injection Vulnerability in systeminformation Moderate
CVE-2020-26274 was published for systeminformation (npm) Dec 16, 2020
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database