Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,267 advisories

Loading
Command injection in git-interface Critical
CVE-2022-1440 was published for git-interface (npm) Apr 23, 2022
lirantal
Credited to lirantal
A flaw was found in WebSVN 2.3.2. Without prior authentication, if the 'allowDownload' option is... Critical Unreviewed
CVE-2011-2195 was published Apr 22, 2022
A CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection... Critical Unreviewed
CVE-2021-22795 was published Apr 14, 2022
Dell VNX2 for file version 8.1.21.266 and earlier, contain an unauthenticated remote code... Critical Unreviewed
CVE-2021-36287 was published Apr 9, 2022
An attacker could leverage an API to pass along a malicious file that could then manipulate the... Critical Unreviewed
CVE-2021-32933 was published Apr 3, 2022
Improper input validation in the built-in web server in Moxa NPort IAW5000A-I/O series firmware... Critical Unreviewed
CVE-2021-32974 was published Apr 3, 2022
totolink a3100r V5.9c.4577 is vulnerable to os command injection. The backend of a page is... Critical Unreviewed
CVE-2021-46007 was published Apr 1, 2022
Command Injection vulnerability in asciidoctor-include-ext Critical
CVE-2022-24803 was published for asciidoctor-include-ext (RubyGems) Mar 31, 2022
joernchen
Credited to joernchen
D-Link DIR-820L 1.05B03 was discovered to contain a remote command execution (RCE) vulnerability... Critical Unreviewed
CVE-2022-26258 was published Mar 29, 2022
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-26290 was published Mar 25, 2022
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-26289 was published Mar 25, 2022
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-27081 was published Mar 25, 2022
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-27078 was published Mar 25, 2022
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-27077 was published Mar 25, 2022
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-26536 was published Mar 25, 2022
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-27076 was published Mar 25, 2022
GNOME OCRFeeder before 0.8.4 allows OS command injection via shell metacharacters in a PDF or... Critical Unreviewed
CVE-2022-27811 was published Mar 25, 2022
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-27079 was published Mar 25, 2022
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-27082 was published Mar 25, 2022
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-27080 was published Mar 25, 2022
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-27083 was published Mar 25, 2022
A vulnerability exists in the SaveConfigFile function of the RACompare Service, which may allow... Critical Unreviewed
CVE-2021-27476 was published Mar 24, 2022
VMware Carbon Black App Control (8.5.x prior to 8.5.14, 8.6.x prior to 8.6.6, 8.7.x prior to 8.7... Critical Unreviewed
CVE-2022-22951 was published Mar 24, 2022
** UNSUPPORTED WHEN ASSIGNED ** Improper neutralization of Special Elements leading to OS Command... Critical Unreviewed
CVE-2022-22273 was published Mar 18, 2022
Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the upnp... Critical Unreviewed
CVE-2022-26997 was published Mar 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database