Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
877
Swift
36
Unreviewed advisories
All unreviewed
5,000+

306 advisories

Loading
Bluetooth in Android before 5.1.1 LMY48X and 6.0 before 2015-11-01 allows attackers to send... Moderate Unreviewed
CVE-2015-6613 was published May 14, 2022
The network diagnostics tool (CommandLineServlet) in the Appliance Manager command line utility ... Moderate Unreviewed
CVE-2015-2746 was published May 14, 2022
IBM Notes 8.5 and 9.0 could allow a local attacker to execute arbitrary commands by carefully... Moderate Unreviewed
CVE-2017-1720 was published May 14, 2022
The generate_local_queue function in utils/cups-browsed.c in cups-browsed in cups-filters before... Moderate Unreviewed
CVE-2014-4336 was published May 14, 2022
A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local... Moderate Unreviewed
CVE-2017-12339 was published May 17, 2022
Spotlight in Apple OS X before 10.10.4 allows attackers to execute arbitrary commands via a... Moderate Unreviewed
CVE-2015-3716 was published May 17, 2022
IBM Maximo Asset Management 7.5 and 7.6 could allow an authenticated user to inject commands into... Moderate Unreviewed
CVE-2017-1352 was published May 17, 2022
A setup script for fabric interconnect devices in Cisco Unified Computing System (UCS) allows... Moderate Unreviewed
CVE-2012-4086 was published May 17, 2022
EMC Documentum D2 version 4.5 and EMC Documentum D2 version 4.6 has a DQL Injection Vulnerability... Moderate Unreviewed
CVE-2016-9873 was published May 17, 2022
Eval injection vulnerability in xdg-utils 1.1.0 RC1, when no supported desktop environment is... Moderate Unreviewed
CVE-2014-9622 was published May 17, 2022
A command injection vulnerability in Juniper Networks NorthStar Controller Application prior to... Moderate Unreviewed
CVE-2017-2324 was published May 17, 2022
In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible... Moderate Unreviewed
CVE-2017-6184 was published May 17, 2022
An issue was discovered in Tesla Motors Model S automobile, all firmware versions before version... Moderate Unreviewed
CVE-2016-9337 was published May 17, 2022
Bugzilla before 4.0.16, 4.1.x and 4.2.x before 4.2.12, 4.3.x and 4.4.x before 4.4.7, and 5.x... Moderate Unreviewed
CVE-2014-8630 was published May 17, 2022
The management console on the Symantec Web Gateway (SWG) appliance before 5.2.2 allows remote... Moderate Unreviewed
CVE-2014-7285 was published May 17, 2022
Watchguard XCS 9.2 and 10.0 before build 150522 allow remote authenticated users to execute... Moderate Unreviewed
CVE-2015-5453 was published May 17, 2022
Zenoss Core through 5 Beta 3 does not require a password for modifying the pager command string,... Moderate Unreviewed
CVE-2014-6260 was published May 17, 2022
rubygem-openshift-origin-console in Red Hat OpenShift 2.2 allows remote authenticated users to... Moderate Unreviewed
CVE-2015-5274 was published May 17, 2022
cloner.functions.php in the XCloner plugin 3.1.2 for WordPress allows remote authenticated users... Moderate Unreviewed
CVE-2015-4336 was published May 17, 2022
Common LaTeX Service Interface (CLSI) before 0.1.3, as used in ShareLaTeX before 0.1.3, allows... Moderate Unreviewed
CVE-2015-0934 was published May 17, 2022
cgi-bin/iptablesgui.cgi in IPCop (aka IPCop Firewall) before 2.1.5 allows remote authenticated... Moderate Unreviewed
CVE-2013-7418 was published May 17, 2022
The web interface in BitTorrent allows remote attackers to execute arbitrary commands by... Moderate Unreviewed
CVE-2014-8515 was published May 17, 2022
Xiaomi Stock Browser 10.2.4.g on Xiaomi Redmi Note 5 Pro devices and other Redmi Android phones... Moderate Unreviewed
CVE-2018-20523 was published May 24, 2022
cPanel before 11.54.0.4 allows certain file-chmod operations in scripts/secureit (SEC-82). Moderate Unreviewed
CVE-2016-10849 was published May 24, 2022
cPanel before 64.0.21 allows demo accounts to execute Cpanel::SPFUI API commands (SEC-246). Moderate Unreviewed
CVE-2017-18442 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database