GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,267 advisories
Advantech WebAccess/SCADA, Versions 8.3.5 and prior. Multiple command injection vulnerabilities,...
Critical | Unreviewed | CVE-2019-6552 was published May 13, 2022

FruityWifi (aka PatatasFritas/PatataWifi) 2.1 allows remote attackers to execute arbitrary...
Critical | Unreviewed | CVE-2018-17317 was published May 13, 2022

Main_Analysis_Content.asp in /apply.cgi on ASUS RT-AC66U, RT-AC68U, RT-AC86U, RT-AC88U, RT-AC1900...
Critical | Unreviewed | CVE-2018-9285 was published May 13, 2022

OS Command Injection in Plexus-utils
Critical | CVE-2017-1000487 was published for org.codehaus.plexus:plexus-utils (Maven) May 13, 2022

An unspecified CGI script in Cisco FX-OS before 1.1.2 on Firepower 9000 devices and Cisco Unified...
Critical | Unreviewed | CVE-2015-6435 was published May 13, 2022

On D-Link DIR-818LW Rev.A 2.05.B03 and DIR-860L Rev.B 2.03.B03 devices, unauthenticated remote OS...
Critical | Unreviewed | CVE-2018-20114 was published May 13, 2022

GNU Bash through 4.3 processes trailing strings after function definitions in the values of...
Critical | Unreviewed | CVE-2014-6271 was published May 13, 2022

An Improper Neutralization of Special Elements (in an OS command) issue was discovered in...
Critical | Unreviewed | CVE-2017-5173 was published May 13, 2022

An exploitable OS Command Injection vulnerability exists in the Telnet, SSH, and console login...
Critical | Unreviewed | CVE-2017-14459 was published May 13, 2022

In the MMM::Agent::Helpers::_execute function in MySQL Multi-Master Replication Manager (MMM)...
Critical | Unreviewed | CVE-2017-14474 was published May 13, 2022

In the MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Master Replication Manager ...
Critical | Unreviewed | CVE-2017-14475 was published May 13, 2022

In the MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Master Replication Manager ...
Critical | Unreviewed | CVE-2017-14476 was published May 13, 2022

In the MMM::Agent::Helpers::Network::send_arp function in MySQL Multi-Master Replication Manager ...
Critical | Unreviewed | CVE-2017-14481 was published May 13, 2022

In the MMM::Agent::Helpers::Network::clear_ip function in MySQL Multi-Master Replication Manager ...
Critical | Unreviewed | CVE-2017-14478 was published May 13, 2022

In the MMM::Agent::Helpers::Network::clear_ip function in MySQL Multi-Master Replication Manager ...
Critical | Unreviewed | CVE-2017-14479 was published May 13, 2022

In the MMM::Agent::Helpers::Network::clear_ip function in MySQL Multi-Master Replication Manager ...
Critical | Unreviewed | CVE-2017-14480 was published May 13, 2022

In the MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Master Replication Manager ...
Critical | Unreviewed | CVE-2017-14477 was published May 13, 2022

An exploitable OS Command Injection vulnerability exists in the web application 'ping'...
Critical | Unreviewed | CVE-2016-8721 was published May 13, 2022

A OS command injection vulnerability in the CGI program of Zyxel USG FLEX 100(W) firmware...
Critical | Unreviewed | CVE-2022-30525 was published May 13, 2022

SolarView Compact ver.6.00 was discovered to contain a command injection vulnerability via...
Critical | Unreviewed | CVE-2022-29303 was published May 13, 2022

A OS Command Injection vulnerability was discovered in Artica Proxy 4.30.000000. Attackers can...
Critical | Unreviewed | CVE-2021-41739 was published May 6, 2022

Tenda TX9 Pro 22.03.02.10 devices allow OS command injection via set_route (called by...
Critical | Unreviewed | CVE-2022-29592 was published May 6, 2022

The c_rehash script does not properly sanitise shell metacharacters to prevent command injection....
Critical | Unreviewed | CVE-2022-1292 was published May 4, 2022

OS Command Injection in git-pull-or-clone
Critical | CVE-2022-24437 was published for git-pull-or-clone (npm) May 3, 2022

Telesquare SDT-CW3B1 1.1.0 is affected by an OS command injection vulnerability that allows a...
Critical | Unreviewed | CVE-2021-46422 was published Apr 28, 2022
ProTip! Advisories are also available from the GraphQL API.