Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,231
Erlang
31
GitHub Actions
20
Go
1,991
Maven
5,000+
npm
3,709
NuGet
661
pip
3,341
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+

282 advisories

Loading
Command Injection in dot Moderate
GHSA-4859-gpc7-4j66 was published for dot (npm) Jun 5, 2019
Rate Limiting Bypass in express-brute Moderate
GHSA-984p-xq9m-4rjw was published for express-brute (npm) Jun 7, 2019
Command Injection in standard-version Moderate
GHSA-7xcx-6wjh-7xp2 was published for standard-version (npm) Jul 13, 2020
Command Injection in wxchangba Moderate
GHSA-j6v9-xgvh-f796 was published for wxchangba (npm) Sep 11, 2020
Arbitrary code execution in kill-by-port Moderate
CVE-2021-23363 was published for kill-by-port (npm) Apr 13, 2021
Arbitrary command execution in roar-pidusage Moderate
CVE-2021-23380 was published for roar-pidusage (npm) May 6, 2021
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability... Moderate Unreviewed
CVE-2022-25619 was published Mar 31, 2022
A remote authenticated arbitrary command execution vulnerability was discovered in Aruba AirWave... Moderate Unreviewed
CVE-2021-26970 was published May 24, 2022
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy... Moderate Unreviewed
CVE-2021-34615 was published May 24, 2022
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy... Moderate Unreviewed
CVE-2021-34616 was published May 24, 2022
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy... Moderate Unreviewed
CVE-2021-34613 was published May 24, 2022
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy... Moderate Unreviewed
CVE-2021-34614 was published May 24, 2022
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy... Moderate Unreviewed
CVE-2021-34612 was published May 24, 2022
In Alpine through 2.24, untagged responses from an IMAP server are accepted before STARTTLS. Moderate Unreviewed
CVE-2021-38370 was published May 24, 2022
By executing a special command, an user with administrative rights can get access to extended... Moderate Unreviewed
CVE-2021-23861 was published Dec 9, 2021
EMC Documentum D2 version 4.5 and EMC Documentum D2 version 4.6 has a DQL Injection Vulnerability... Moderate Unreviewed
CVE-2016-9873 was published May 17, 2022
A command injection vulnerability in Juniper Networks NorthStar Controller Application prior to... Moderate Unreviewed
CVE-2017-2324 was published May 17, 2022
An issue was discovered in Tesla Motors Model S automobile, all firmware versions before version... Moderate Unreviewed
CVE-2016-9337 was published May 17, 2022
Eval injection vulnerability in xdg-utils 1.1.0 RC1, when no supported desktop environment is... Moderate Unreviewed
CVE-2014-9622 was published May 17, 2022
The management console on the Symantec Web Gateway (SWG) appliance before 5.2.2 allows remote... Moderate Unreviewed
CVE-2014-7285 was published May 17, 2022
In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible... Moderate Unreviewed
CVE-2017-6184 was published May 17, 2022
The submission service in Dovecot before 2.3.15 allows STARTTLS command injection in lib-smtp.... Moderate Unreviewed
CVE-2021-33515 was published May 24, 2022
Bugzilla before 4.0.16, 4.1.x and 4.2.x before 4.2.12, 4.3.x and 4.4.x before 4.4.7, and 5.x... Moderate Unreviewed
CVE-2014-8630 was published May 17, 2022
Watchguard XCS 9.2 and 10.0 before build 150522 allow remote authenticated users to execute... Moderate Unreviewed
CVE-2015-5453 was published May 17, 2022
Zenoss Core through 5 Beta 3 does not require a password for modifying the pager command string,... Moderate Unreviewed
CVE-2014-6260 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database