GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,063
Composer 4,318
Erlang 31
GitHub Actions 21
Go 2,074
Maven 5,249
npm 3,746
NuGet 674
pip 3,434
Pub 12
RubyGems 892
Rust 880
Swift 37

Unreviewed advisories

All unreviewed 241,104

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

281 advisories

Filter by severity

Sort by

Least recently updated

A vulnerability in Cisco access points (AP) software could allow an authenticated, local attacker... Moderate Unreviewed

CVE-2023-20097 was published Mar 23, 2023

A command injection vulnerability in Trellix Intelligent Sandbox CLI for version 5.2 and earlier,... Moderate Unreviewed

CVE-2023-0978 was published Mar 13, 2023

Command Injection in GitHub repository btcpayserver/btcpayserver prior to 1.8.3. Moderate Unreviewed

CVE-2023-1270 was published Mar 8, 2023

Vulnerability in the CLI of Cisco Secure Email Gateway could allow an authenticated, remote... Moderate Unreviewed

CVE-2023-20075 was published Mar 1, 2023

Dell PowerScale OneFS, 8.2.x-9.4.x, contain a command injection vulnerability. An authenticated... Moderate Unreviewed

CVE-2022-45095 was published Feb 1, 2023

In network service, there is a missing permission check. This could lead to local escalation of... Moderate Unreviewed

CVE-2022-39085 was published Jan 4, 2023

In network service, there is a missing permission check. This could lead to local escalation of... Moderate Unreviewed

CVE-2022-39082 was published Jan 4, 2023

In network service, there is a missing permission check. This could lead to local escalation of... Moderate Unreviewed

CVE-2022-39081 was published Jan 4, 2023

In network service, there is a missing permission check. This could lead to local escalation of... Moderate Unreviewed

CVE-2022-39084 was published Jan 4, 2023

In network service, there is a missing permission check. This could lead to local escalation of... Moderate Unreviewed

CVE-2022-39083 was published Jan 4, 2023

In network service, there is a missing permission check. This could lead to local escalation of... Moderate Unreviewed

CVE-2022-39088 was published Jan 4, 2023

In network service, there is a missing permission check. This could lead to local escalation of... Moderate Unreviewed

CVE-2022-39086 was published Jan 4, 2023

In network service, there is a missing permission check. This could lead to local escalation of... Moderate Unreviewed

CVE-2022-39087 was published Jan 4, 2023

A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through 19.3 (22.22.6100.0... Moderate Unreviewed

CVE-2022-40765 was published Nov 22, 2022

Hustoj 22.09.22 has a XSS Vulnerability in /admin/problem_judge.php. Moderate Unreviewed

CVE-2022-42187 was published Nov 17, 2022

A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software and Cisco FXOS... Moderate Unreviewed

CVE-2022-20934 was published Nov 16, 2022

Insufficient ID command validation in the SEV Firmware may allow a local authenticated attacker... Moderate Unreviewed

CVE-2021-26321 was published May 24, 2022

A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy... Moderate Unreviewed

CVE-2021-40995 was published May 24, 2022

A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy... Moderate Unreviewed

CVE-2021-40994 was published May 24, 2022

Dell EMC PowerScale OneFS versions 8.2.x - 9.1.1.x contain an improper neutralization of special... Moderate Unreviewed

CVE-2021-21595 was published May 24, 2022

In s/qmail through 4.0.07, an active MitM can inject arbitrary plaintext commands into a STARTTLS... Moderate Unreviewed

CVE-2020-15955 was published May 24, 2022

In Alpine through 2.24, untagged responses from an IMAP server are accepted before STARTTLS. Moderate Unreviewed

CVE-2021-38370 was published May 24, 2022

In KDE Trojita 0.7, man-in-the-middle attackers can create new folders because untagged responses... Moderate Unreviewed

CVE-2021-38372 was published May 24, 2022

In KDE KMail 19.12.3 (aka 5.13.3), the SMTP STARTTLS option is not honored (and cleartext... Moderate Unreviewed

CVE-2021-38373 was published May 24, 2022

A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy... Moderate Unreviewed

CVE-2021-34614 was published May 24, 2022

Previous 1 2 … 5 6 7 8 9 10 11 12 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

281 advisories