GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,216 advisories
A vulnerability in the web-based management interface of Cisco Secure Network Analytics,...
Critical | Unreviewed | CVE-2022-20797 was published | May 28, 2022

A remote command execution vulnerability exists in add_server_service of PPTP_SERVER in Mercury...
Critical | Unreviewed | CVE-2020-22724 was published | May 24, 2022

A vulnerability was found in OpenNetAdmin 18.1.1. It has been rated as critical. Affected by this...
Critical | Unreviewed | CVE-2019-25065 was published | Jun 10, 2022

A command injection vulnerability in HNAP1/SetWLanApcliSettings of Motorola CX2 router CX 1.0.2...
Critical | Unreviewed | CVE-2020-21937 was published | May 24, 2022

An exploitable unauthenticated command injection exists in the OpenClinic GA 5.173.3. Specially...
Critical | Unreviewed | CVE-2020-27227 was published | May 24, 2022

OS Command Injection in file editor in Gogs
Critical | CVE-2022-1986 was published for gogs.io/gogs (Go) | Jun 8, 2022

Multiple vulnerabilities exist in the web-based management interface of Cisco Small Business RV...
Critical | Unreviewed | CVE-2021-1473 was published | May 24, 2022

In SapphireIMS 5.0, it is possible to use the hardcoded credential in clients (username: sapphire...
Critical | Unreviewed | CVE-2020-25560 was published | May 24, 2022

An issue was found on TRENDnet TEW-831DR 1.0 601.130.1.1356 devices. An OS injection...
Critical | Unreviewed | CVE-2022-30329 was published | Jun 17, 2022

The Quectel RG502Q-EA modem before 2022-02-23 allows OS Command Injection.
Critical | Unreviewed | CVE-2022-26147 was published | Jun 22, 2022

Multiple command injection vulnerabilities exist in the web_server action endpoints...
Critical | Unreviewed | CVE-2022-33313 was published | Jul 1, 2022

An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 (Control Center) devices before 8...
Critical | Unreviewed | CVE-2022-31795 was published | Jun 21, 2022

An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 (Control Center) devices before 8...
Critical | Unreviewed | CVE-2022-31794 was published | Jun 21, 2022

Marval MSM v14.19.0.12476 is vulnerable to OS Command Injection due to the insecure handling of...
Critical | Unreviewed | CVE-2022-31885 was published | Jun 29, 2022

Multiple command injection vulnerabilities exist in the web_server action endpoints...
Critical | Unreviewed | CVE-2022-33312 was published | Jul 1, 2022

Multiple command injection vulnerabilities exist in the web_server ajax endpoints functionalities...
Critical | Unreviewed | CVE-2022-33328 was published | Jul 1, 2022

Multiple command injection vulnerabilities exist in the web_server ajax endpoints functionalities...
Critical | Unreviewed | CVE-2022-33326 was published | Jul 1, 2022

Multiple command injection vulnerabilities exist in the web_server ajax endpoints functionalities...
Critical | Unreviewed | CVE-2022-33327 was published | Jul 1, 2022

Multiple command injection vulnerabilities exist in the web_server action endpoints...
Critical | Unreviewed | CVE-2022-33314 was published | Jul 1, 2022

Multiple command injection vulnerabilities exist in the web_server ajax endpoints functionalities...
Critical | Unreviewed | CVE-2022-33329 was published | Jul 1, 2022

Command injection in git-it-electron
Critical | CVE-2021-44685 was published for git-it-electron (npm) | Dec 8, 2021

IBM Security Guardium 10.0 could allow a remote authenticated attacker to execute arbitrary...
Critical | Unreviewed | CVE-2017-1253 was published | May 17, 2022

Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlier. Toshiba Home gateway HEM...
Critical | Unreviewed | CVE-2017-2237 was published | May 17, 2022

Atlassian SourceTree v2.5c and prior are affected by a command injection in the handling of the...
Critical | Unreviewed | CVE-2017-8768 was published | May 17, 2022

IBM CICS TX Standard and Advanced 11.1 could allow a remote attacker to execute arbitrary...
Critical | Unreviewed | CVE-2022-31767 was published | Jun 25, 2022
ProTip! Advisories are also available from the GraphQL API.