Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,267 advisories

Loading
Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers... Critical Unreviewed
CVE-2022-20708 was published Feb 11, 2022
OS Command Injection in install-package Critical
CVE-2020-7629 was published for install-package (npm) Feb 10, 2022
OS Command Injection in git-add-remote Critical
CVE-2020-7630 was published for git-add-remote (npm) Feb 10, 2022
OS Command Injection in node-key-sender Critical
CVE-2020-7627 was published for node-key-sender (npm) Feb 10, 2022
Withdrawn Advisory: OS Command Injection in effect Critical
CVE-2020-7624 was published for effect (npm) Feb 10, 2022 withdrawn
Fidget-Grep
Credited to Fidget-Grep
Injection in op-browser Critical
CVE-2020-7625 was published for op-browser (npm) Feb 10, 2022
karma-mojo enables OS Command Injection Critical
CVE-2020-7626 was published for karma-mojo (npm) Feb 10, 2022
Code injection in @rkesters/gnuplot Critical
CVE-2021-29369 was published for @rkesters/gnuplot (npm) Feb 10, 2022
OS Command Injection in jscover Critical
CVE-2020-7623 was published for jscover (npm) Feb 10, 2022
OS Command Injection in strong-nginx-controller Critical
CVE-2020-7621 was published for strong-nginx-controller (npm) Feb 10, 2022
Remote Code Execution in cominput.jsp and comoutput.jsp in Northstar Technologies Inc NorthStar... Critical Unreviewed
CVE-2021-29393 was published Feb 10, 2022
The affected product is vulnerable to an authenticated OS command injection, which may allow an... Critical Unreviewed
CVE-2022-0365 was published Feb 10, 2022
push-dir Enables OS Command Injection Critical
CVE-2019-10803 was published for push-dir (npm) Feb 9, 2022
D-Link device DIR_882 DIR_882_FW1.30B06_Hotfix_02 was discovered to contain a command injection... Critical Unreviewed
CVE-2021-44881 was published Feb 8, 2022
D-Link devices DIR_878 DIR_878_FW1.30B08_Hotfix_02 and DIR_882 DIR_882_FW1.30B06_Hotfix_02 were... Critical Unreviewed
CVE-2021-44880 was published Feb 8, 2022
D-Link device DIR_878_FW1.30B08_Hotfix_02 was discovered to contain a command injection... Critical Unreviewed
CVE-2021-44882 was published Feb 8, 2022
An OS command injection vulnerability exists in the device network settings functionality of... Critical Unreviewed
CVE-2021-40409 was published Jan 29, 2022
An OS command injection vulnerability exists in the device network settings functionality of... Critical Unreviewed
CVE-2021-40408 was published Jan 29, 2022
An OS command injection vulnerability exists in the device network settings functionality of... Critical Unreviewed
CVE-2021-40407 was published Jan 29, 2022
Improper Neutralization of Argument Delimiters in a Decompiling Package Process in APKLeaks Critical
CVE-2021-21386 was published for APKLeaks (pip) Jan 21, 2022
Ry0taK
Credited to Ry0taK
China Mobile An Lianbao WF-1 router v1.0.1 is affected by an OS command injection vulnerability... Critical Unreviewed
CVE-2021-33962 was published Jan 15, 2022
OS Command Injection in diskusage-ng Critical
CVE-2020-7631 was published for diskusage-ng (npm) Jan 7, 2022
OS Command Injection in node-mpv Critical
CVE-2020-7632 was published for node-mpv (npm) Jan 7, 2022
Gerapy may cause remote code execution Critical
CVE-2021-43857 was published for gerapy (pip) Jan 6, 2022
mySCADA myPRO: Versions 8.20.0 and prior has a feature where the API password can be specified,... Critical Unreviewed
CVE-2021-22657 was published Dec 24, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database