Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,873
Erlang
37
GitHub Actions
36
Go
2,519
Maven
5,000+
npm
4,156
NuGet
736
pip
3,956
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

1,216 advisories

Loading
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-27083 was published Mar 25, 2022
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-27076 was published Mar 25, 2022
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-26536 was published Mar 25, 2022
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-26289 was published Mar 25, 2022
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-27079 was published Mar 25, 2022
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-27081 was published Mar 25, 2022
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-27080 was published Mar 25, 2022
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-27077 was published Mar 25, 2022
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-27082 was published Mar 25, 2022
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-27078 was published Mar 25, 2022
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-26290 was published Mar 25, 2022
totolink a3100r V5.9c.4577 is vulnerable to os command injection. The backend of a page is... Critical Unreviewed
CVE-2021-46007 was published Apr 1, 2022
Dell VNX2 for file version 8.1.21.266 and earlier, contain an unauthenticated remote code... Critical Unreviewed
CVE-2021-36287 was published Apr 9, 2022
A flaw was found in Exuberant Ctags in the way it handles the "-o" option. This option specifies... Critical Unreviewed
CVE-2022-4515 was published Dec 20, 2022
A CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection... Critical Unreviewed
CVE-2021-22795 was published Apr 14, 2022
A flaw was found in WebSVN 2.3.2. Without prior authentication, if the 'allowDownload' option is... Critical Unreviewed
CVE-2011-2195 was published Apr 22, 2022
OS Command Injection in git-pull-or-clone Critical
CVE-2022-24437 was published for git-pull-or-clone (npm) May 3, 2022
lirantal
Improper Neutralization of Special Elements used in an OS Command in Blamer Critical
CVE-2019-10807 was published for blamer (npm) May 24, 2022
PROSCEND - PROSCEND / ADVICE .Ltd - G/5G Industrial Cellular Router (with GPS)4 Unauthenticated... Critical Unreviewed
CVE-2022-36779 was published Sep 14, 2022
Command Injection in Tenda G1 and G3 routers with firmware versions v15.11.0.17(9502)_CN or v15... Critical Unreviewed
CVE-2021-27692 was published May 24, 2022
Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an... Critical Unreviewed
CVE-2021-1142 was published May 24, 2022
Command Injection in Tenda G0 routers with firmware versions v15.11.0.6(9039)_CN and v15.11.0.5... Critical Unreviewed
CVE-2021-27691 was published May 24, 2022
rConfig 3.9.5 allows command injection by sending a crafted GET request to lib/ajaxHandlers... Critical Unreviewed
CVE-2020-23151 was published May 24, 2022
TOTOLINK EX1200T V4.1.2cu.5215 is affected by a command injection vulnerability that can remotely... Critical Unreviewed
CVE-2021-42872 was published Jun 3, 2022
In Apache SpamAssassin before 3.4.5, malicious rule configuration (.cf) files can be configured... Critical Unreviewed
CVE-2020-1946 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database