Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,267 advisories

Loading
On D-Link DIR-823G devices, the GoAhead configuration allows /HNAP1 Command Injection via shell... Critical Unreviewed
CVE-2018-17787 was published May 13, 2022
nmap4j 1.1.0 allows attackers to execute arbitrary commands via shell metacharacters in an... Critical Unreviewed
CVE-2018-17228 was published May 13, 2022
An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used... Critical Unreviewed
CVE-2018-17064 was published May 13, 2022
An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used... Critical Unreviewed
CVE-2018-17068 was published May 13, 2022
An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used... Critical Unreviewed
CVE-2018-17066 was published May 13, 2022
An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used... Critical Unreviewed
CVE-2018-17063 was published May 13, 2022
RICOH Interactive Whiteboard D2200 V1.6 to V2.2, D5500 V1.6 to V2.2, D5510 V1.6 to V2.2, and the... Critical Unreviewed
CVE-2018-16184 was published May 13, 2022
The test connection functionality in the NetAudit section of Opsview Monitor before 5.3.1 and 5.4... Critical Unreviewed
CVE-2018-16144 was published May 13, 2022
upgrade_handle.php on NUUO NVRmini devices allows Remote Command Execution via shell... Critical Unreviewed
CVE-2018-14933 was published May 13, 2022
System command injection in the /DroboPix/api/drobopix/demo endpoint on Drobo 5N2 NAS version 4.0... Critical Unreviewed
CVE-2018-14706 was published May 13, 2022
System command injection in the /DroboAccess/enable_user endpoint in Drobo 5N2 NAS version 4.0.5... Critical Unreviewed
CVE-2018-14699 was published May 13, 2022
An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9... Critical Unreviewed
CVE-2018-14558 was published May 13, 2022
System command injection in logtable.php in TerraMaster TOS version 3.1.03 allows attackers to... Critical Unreviewed
CVE-2018-13354 was published May 13, 2022
System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to... Critical Unreviewed
CVE-2018-13338 was published May 13, 2022
System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to... Critical Unreviewed
CVE-2018-13336 was published May 13, 2022
System command injection in formAliasIp in TOTOLINK A3002RU version 1.0.8 allows attackers to... Critical Unreviewed
CVE-2018-13314 was published May 13, 2022
System command injection in fromNtp in TOTOLINK A3002RU version 1.0.8 allows attackers to execute... Critical Unreviewed
CVE-2018-13307 was published May 13, 2022
System command injection in formAliasIp in TOTOLINK A3002RU version 1.0.8 allows attackers to... Critical Unreviewed
CVE-2018-13316 was published May 13, 2022
System command injection in formDlna in TOTOLINK A3002RU version 1.0.8 allows attackers to... Critical Unreviewed
CVE-2018-13311 was published May 13, 2022
System command injection in formDlna in TOTOLINK A3002RU version 1.0.8 allows attackers to... Critical Unreviewed
CVE-2018-13306 was published May 13, 2022
OpenTSDB vulnerable to OS Command Injection Critical
CVE-2018-12972 was published for net.opentsdb:opentsdb (Maven) May 13, 2022
Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3,... Critical Unreviewed
CVE-2018-1235 was published May 13, 2022
acccheck.pl in acccheck 0.2.1 allows Command Injection via shell metacharacters in a username or... Critical Unreviewed
CVE-2018-12268 was published May 13, 2022
OS command injection in snmp.cgi in ASUSTOR ADM version 3.1.1 allows attackers to execute system... Critical Unreviewed
CVE-2018-12313 was published May 13, 2022
The ASUSTOR ADM 3.1.0.RFQ3 NAS portal suffers from an unauthenticated remote code execution... Critical Unreviewed
CVE-2018-11510 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database