GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
273 advisories
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability...
Moderate | Unreviewed | CVE-2022-25619 was published Mar 31, 2022

A remote authenticated arbitrary command execution vulnerability was discovered in Aruba AirWave...
Moderate | Unreviewed | CVE-2021-26970 was published May 24, 2022

A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy...
Moderate | Unreviewed | CVE-2021-34615 was published May 24, 2022

A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy...
Moderate | Unreviewed | CVE-2021-34616 was published May 24, 2022

A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy...
Moderate | Unreviewed | CVE-2021-34613 was published May 24, 2022

A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy...
Moderate | Unreviewed | CVE-2021-34614 was published May 24, 2022

A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy...
Moderate | Unreviewed | CVE-2021-34612 was published May 24, 2022

In Alpine through 2.24, untagged responses from an IMAP server are accepted before STARTTLS.
Moderate | Unreviewed | CVE-2021-38370 was published May 24, 2022

By executing a special command, a user with administrative rights can get access to extended...
Moderate | Unreviewed | CVE-2021-23861 was published Dec 9, 2021

EMC Documentum D2 version 4.5 and EMC Documentum D2 version 4.6 has a DQL Injection Vulnerability...
Moderate | Unreviewed | CVE-2016-9873 was published May 17, 2022

A command injection vulnerability in Juniper Networks NorthStar Controller Application prior to...
Moderate | Unreviewed | CVE-2017-2324 was published May 17, 2022

An issue was discovered in Tesla Motors Model S automobile, all firmware versions before version...
Moderate | Unreviewed | CVE-2016-9337 was published May 17, 2022

Eval injection vulnerability in xdg-utils 1.1.0 RC1, when no supported desktop environment is...
Moderate | Unreviewed | CVE-2014-9622 was published May 17, 2022

The management console on the Symantec Web Gateway (SWG) appliance before 5.2.2 allows remote...
Moderate | Unreviewed | CVE-2014-7285 was published May 17, 2022

In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible...
Moderate | Unreviewed | CVE-2017-6184 was published May 17, 2022

The submission service in Dovecot before 2.3.15 allows STARTTLS command injection in lib-smtp....
Moderate | Unreviewed | CVE-2021-33515 was published May 24, 2022

Bugzilla before 4.0.16, 4.1.x and 4.2.x before 4.2.12, 4.3.x and 4.4.x before 4.4.7, and 5.x...
Moderate | Unreviewed | CVE-2014-8630 was published May 17, 2022

Watchguard XCS 9.2 and 10.0 before build 150522 allow remote authenticated users to execute...
Moderate | Unreviewed | CVE-2015-5453 was published May 17, 2022

Zenoss Core through 5 Beta 3 does not require a password for modifying the pager command string,...
Moderate | Unreviewed | CVE-2014-6260 was published May 17, 2022

cloner.functions.php in the XCloner plugin 3.1.2 for WordPress allows remote authenticated users...
Moderate | Unreviewed | CVE-2015-4336 was published May 17, 2022

Common LaTeX Service Interface (CLSI) before 0.1.3, as used in ShareLaTeX before 0.1.3, allows...
Moderate | Unreviewed | CVE-2015-0934 was published May 17, 2022

cgi-bin/iptablesgui.cgi in IPCop (aka IPCop Firewall) before 2.1.5 allows remote authenticated...
Moderate | Unreviewed | CVE-2013-7418 was published May 17, 2022

The web interface in BitTorrent allows remote attackers to execute arbitrary commands by...
Moderate | Unreviewed | CVE-2014-8515 was published May 17, 2022

A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through 19.3 (22.22.6100.0...
Moderate | Unreviewed | CVE-2022-40765 was published Nov 22, 2022

In GraphicsMagick before 1.3.32, the text filename component allows remote attackers to read...
Moderate | Unreviewed | CVE-2019-12921 was published May 24, 2022