Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,762
NuGet
678
pip
3,447
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

283 advisories

Loading
An issue was discovered in GitLab Community and Enterprise Edition before 11.11.8, 12 before 12.0... Moderate Unreviewed
CVE-2019-14944 was published Apr 16, 2023
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected... Moderate Unreviewed
CVE-2022-43623 was published Mar 29, 2023
A vulnerability in Cisco access points (AP) software could allow an authenticated, local attacker... Moderate Unreviewed
CVE-2023-20097 was published Mar 23, 2023
A command injection vulnerability in Trellix Intelligent Sandbox CLI for version 5.2 and earlier,... Moderate Unreviewed
CVE-2023-0978 was published Mar 13, 2023
Command Injection in GitHub repository btcpayserver/btcpayserver prior to 1.8.3. Moderate Unreviewed
CVE-2023-1270 was published Mar 8, 2023
Vulnerability in the CLI of Cisco Secure Email Gateway could allow an authenticated, remote... Moderate Unreviewed
CVE-2023-20075 was published Mar 1, 2023
Dell PowerScale OneFS, 8.2.x-9.4.x, contain a command injection vulnerability. An authenticated... Moderate Unreviewed
CVE-2022-45095 was published Feb 1, 2023
In network service, there is a missing permission check. This could lead to local escalation of... Moderate Unreviewed
CVE-2022-39082 was published Jan 4, 2023
In network service, there is a missing permission check. This could lead to local escalation of... Moderate Unreviewed
CVE-2022-39085 was published Jan 4, 2023
In network service, there is a missing permission check. This could lead to local escalation of... Moderate Unreviewed
CVE-2022-39084 was published Jan 4, 2023
In network service, there is a missing permission check. This could lead to local escalation of... Moderate Unreviewed
CVE-2022-39081 was published Jan 4, 2023
In network service, there is a missing permission check. This could lead to local escalation of... Moderate Unreviewed
CVE-2022-39083 was published Jan 4, 2023
In network service, there is a missing permission check. This could lead to local escalation of... Moderate Unreviewed
CVE-2022-39088 was published Jan 4, 2023
In network service, there is a missing permission check. This could lead to local escalation of... Moderate Unreviewed
CVE-2022-39086 was published Jan 4, 2023
In network service, there is a missing permission check. This could lead to local escalation of... Moderate Unreviewed
CVE-2022-39087 was published Jan 4, 2023
A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through 19.3 (22.22.6100.0... Moderate Unreviewed
CVE-2022-40765 was published Nov 22, 2022
Hustoj 22.09.22 has a XSS Vulnerability in /admin/problem_judge.php. Moderate Unreviewed
CVE-2022-42187 was published Nov 17, 2022
A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software and Cisco FXOS... Moderate Unreviewed
CVE-2022-20934 was published Nov 16, 2022
Insufficient ID command validation in the SEV Firmware may allow a local authenticated attacker... Moderate Unreviewed
CVE-2021-26321 was published May 24, 2022
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy... Moderate Unreviewed
CVE-2021-40995 was published May 24, 2022
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy... Moderate Unreviewed
CVE-2021-40994 was published May 24, 2022
Dell EMC PowerScale OneFS versions 8.2.x - 9.1.1.x contain an improper neutralization of special... Moderate Unreviewed
CVE-2021-21595 was published May 24, 2022
In s/qmail through 4.0.07, an active MitM can inject arbitrary plaintext commands into a STARTTLS... Moderate Unreviewed
CVE-2020-15955 was published May 24, 2022
In Alpine through 2.24, untagged responses from an IMAP server are accepted before STARTTLS. Moderate Unreviewed
CVE-2021-38370 was published May 24, 2022
In KDE KMail 19.12.3 (aka 5.13.3), the SMTP STARTTLS option is not honored (and cleartext... Moderate Unreviewed
CVE-2021-38373 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database