Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,645
Maven
5,000+
npm
4,271
NuGet
760
pip
4,065
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,002 advisories

Loading
D-Link DSL-3782 v1.03 and below was discovered to contain a command injection vulnerability via... High Unreviewed
CVE-2022-34527 was published Jul 30, 2022
Input passed to the Pdf() function is shell escaped and passed to child_process.exec() during PDF... Critical Unreviewed
CVE-2016-4991 was published Jul 29, 2022
Realtek rtl819x-SDK before v3.6.1 allows command injection over the web interface. High Unreviewed
CVE-2022-29558 was published Jul 29, 2022
git-archive vulnerable to Command Injection via exports function High
CVE-2020-28422 was published for git-archive (npm) Jul 26, 2022
google-cloudstorage-commands Command Injection vulnerability Critical
CVE-2020-28436 was published for google-cloudstorage-commands (npm) Jul 26, 2022
deferred-exec Command Injection vulnerability Critical
CVE-2020-28438 was published for deferred-exec (npm) Jul 26, 2022
ffmpeg-sdk vulnerable to OS Command Injection Critical
CVE-2020-28435 was published for ffmpeg-sdk (npm) Jul 26, 2022
ntesseract vulnerable to Command Injection Critical
CVE-2020-28446 was published for ntesseract (npm) Jul 26, 2022
sonar-wrapper Command Injection vulnerability Critical
CVE-2020-28443 was published for sonar-wrapper (npm) Jul 26, 2022
This affects all versions of package npm-help. The injection point is located in line 13 in index... Critical Unreviewed
CVE-2020-28445 was published Jul 26, 2022
xopen is vulnerable to OS Command Injection in Exported Function xopen(filepath) Critical
CVE-2020-28447 was published for xopen (npm) Jul 26, 2022
The affected product is vulnerable to two instances of command injection, which may allow an... Critical Unreviewed
CVE-2022-2143 was published Jul 23, 2022
Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 was discovered to contain a command... High Unreviewed
CVE-2022-34539 was published Jul 20, 2022
Shanghai Feixun Data Communication Technology Co., Ltd router fir302b A2 was discovered to... High Unreviewed
CVE-2022-27373 was published Jul 20, 2022
Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 was discovered to contain a command... High Unreviewed
CVE-2022-34540 was published Jul 20, 2022
Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 was discovered to contain a command... High Unreviewed
CVE-2022-34538 was published Jul 20, 2022
A malformed SMI (System Management Interface) command may allow an attacker to establish a... High Unreviewed
CVE-2021-26384 was published Jul 15, 2022
A vulnerability has been identified in RUGGEDCOM ROX MX5000 (All versions < 2.15.1), RUGGEDCOM... High Unreviewed
CVE-2022-29560 was published Jul 13, 2022
A vulnerability has been identified in SIMATIC CP 1242-7 V2 (All versions), SIMATIC CP 1243-1 ... Critical Unreviewed
CVE-2022-34820 was published Jul 13, 2022
Wavlink WL-WN575A3 RPT75A3.V4300.201217 was discovered to contain a command injection... Critical Unreviewed
CVE-2022-34592 was published Jul 8, 2022
TOTOLINK EX300_V2 V4.0.3c.7484 was discovered to contain a command injection vulnerability via... Critical Unreviewed
CVE-2022-32449 was published Jul 8, 2022
Totolink A830R V5.9c.4729_B20191112, Totolink A3100R V4.1.2cu.5050_B20200504, Totolink A950RG V4... High Unreviewed
CVE-2022-28935 was published Jul 7, 2022
Tenda AX1806 v1.0.0.1 was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-34597 was published Jul 7, 2022
Tenda AX1803 v1.0.0.1_2890 was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-34596 was published Jul 7, 2022
Tenda AX1803 v1.0.0.1_2890 was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-34595 was published Jul 7, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database