Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,828
Erlang
29
GitHub Actions
16
Go
1,715
Maven
4,950
npm
3,480
NuGet
605
pip
3,023
Pub
10
RubyGems
832
Rust
776
Swift
34
Unreviewed advisories
All unreviewed
5,000+

278 advisories

Command Injection Vulnerability in systeminformation Moderate
CVE-2020-26274 was published for systeminformation (npm) Dec 16, 2020
Command injection in codecov (npm package) Moderate
CVE-2020-15123 was published for codecov (npm) Jul 20, 2020
Prototype Pollution in systeminformation Moderate
CVE-2020-26245 was published for systeminformation (npm) Nov 27, 2020
OS Command Injection in node-notifier Moderate
CVE-2020-7789 was published for node-notifier (npm) Dec 21, 2020
Arbitrary Command Injection due to Improper Command Sanitization Moderate
GHSA-hxwm-x553-x359 was published for @npmcli/git (npm) Aug 5, 2021
tyage
Code injection in npm git Moderate
CVE-2021-23632 was published for git (npm) Mar 18, 2022
lib/ajaxHandlers/ajaxAddTemplate.php in rConfig through 3.94 allows remote attackers to execute... Moderate Unreviewed
CVE-2020-10221 was published May 24, 2022
react-dev-utils OS Command Injection in function `getProcessForPort` Moderate
CVE-2021-24033 was published for react-dev-utils (npm) Mar 11, 2021
A remote authenticated SQL Injection vulnerabilitiy was discovered in Aruba ClearPass Policy... Moderate Unreviewed
CVE-2021-26685 was published May 24, 2022
GigaCC OFFICE ver.2.3 and earlier allows remote attackers to execute arbitrary OS commands via... Moderate Unreviewed
CVE-2016-7844 was published May 17, 2022
Cisco TelePresence endpoints running either CE or TC software contain a vulnerability that could... Moderate Unreviewed
CVE-2016-6459 was published May 17, 2022
A vulnerability in a startup script of Cisco IOS XE Software could allow an unauthenticated... Moderate Unreviewed
CVE-2017-6606 was published May 17, 2022
A vulnerability in CLI command processing in the Cisco Firepower 4100 Series Next-Generation... Moderate Unreviewed
CVE-2017-3806 was published May 17, 2022
WNC01WH firmware 1.0.0.9 and earlier allows authenticated attackers to execute arbitrary OS... Moderate Unreviewed
CVE-2017-2152 was published May 17, 2022
Dell EMC PowerStore, contains an OS command injection Vulnerability. A locally authenticated... Moderate Unreviewed
CVE-2022-22555 was published Jul 22, 2022
IBM CICS TX 11.1 could allow allow an attacker with physical access to the system to execute code... Moderate Unreviewed
CVE-2022-33955 was published Aug 2, 2022
Buffalo network devices WSR-3200AX4S firmware Ver. 1.26 and earlier, WSR-3200AX4B firmware Ver. 1... Moderate Unreviewed
CVE-2022-43466 was published Dec 19, 2022
McAfee Enterprise Security Manager (ESM), Enterprise Security Manager/Log Manager (ESMLM), and... Moderate Unreviewed
CVE-2015-7310 was published May 17, 2022
A local file script in Cisco TelePresence Video Communication Server (VCS) Expressway X8.5.2... Moderate Unreviewed
CVE-2015-4330 was published May 17, 2022
A vulnerability in the self-healing functionality of Cisco IOS XE Software for Embedded Wireless... Moderate Unreviewed
CVE-2022-20855 was published Oct 1, 2022
OCS Inventory NG 2.7 allows Remote Command Execution via shell metacharacters to require... Moderate Unreviewed
CVE-2020-14947 was published May 24, 2022
baserCMS 3.0.2 through 3.0.8 allows remote authenticated users to execute arbitrary OS commands... Moderate Unreviewed
CVE-2015-7769 was published May 17, 2022
KDDI HOME SPOT CUBE devices before 2 allow remote authenticated users to execute arbitrary OS... Moderate Unreviewed
CVE-2016-1141 was published May 17, 2022
An unspecified script in the web interface in Cisco Firepower Extensible Operating System 1.1(1... Moderate Unreviewed
CVE-2015-6380 was published May 17, 2022
PC-EGG pWebManager before 3.3.10, and before 2.2.2 for PHP 4.x, allows remote authenticated users... Moderate Unreviewed
CVE-2015-7774 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API