Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,990 advisories

Loading
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... Moderate Unreviewed
CVE-2020-35790 was published May 24, 2022
NETGEAR DGN2200v1 devices before v1.0.0.58 are affected by command injection. High Unreviewed
CVE-2020-35777 was published May 24, 2022
DrayTek Vigor2960 1.5.1 allows remote command execution via shell metacharacters in a toLogin2FA... High Unreviewed
CVE-2020-19664 was published May 24, 2022
Command Injection in the CPE WAN Management Protocol (CWMP) registration in Amino Communications... High Unreviewed
CVE-2020-10209 was published May 24, 2022
Command Injection in EntoneWebEngine in Amino Communications AK45x series, AK5xx series, AK65x... Critical Unreviewed
CVE-2020-10208 was published May 24, 2022
Green Packet WiMax DV-360 2.10.14-g1.0.6.1 devices allow Command Injection, with unauthenticated... Critical Unreviewed
CVE-2018-14067 was published May 24, 2022
Certain Zyxel products allow command injection by an admin via an input string to chg_exp_pwd... High Unreviewed
CVE-2020-29299 was published May 24, 2022
This command injection vulnerability allows attackers to execute arbitrary commands in a... High Unreviewed
CVE-2020-25847 was published May 24, 2022
Belkin LINKSYS RE6500 devices before 1.0.11.001 allow remote authenticated users to execute... High Unreviewed
CVE-2020-35714 was published May 24, 2022
Arbitrary command execution can occur in Webmin through 1.962. Any user authorized for the... High Unreviewed
CVE-2020-35606 was published May 24, 2022
Dolibarr authenticated Remote Code Execution High
CVE-2020-35136 was published for dolibarr/dolibarr (Composer) May 24, 2022
A command injection vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2... Critical Unreviewed
CVE-2020-8466 was published May 24, 2022
Ubilling v1.0.9 allows Remote Command Execution as Root user by executing a malicious command... Critical Unreviewed
CVE-2020-29311 was published May 24, 2022
An attacker is able to remotely inject arbitrary commands by sending especially crafted packets... Critical Unreviewed
CVE-2020-24634 was published May 24, 2022
This command injection vulnerability allows attackers to execute arbitrary commands in a... Critical Unreviewed
CVE-2019-7198 was published May 24, 2022
TOTOLINK A3002RU-V2.0.0 B20190814.1034 allows authenticated remote users to modify the system's ... High Unreviewed
CVE-2020-25499 was published May 24, 2022
Huawei FusionCompute versions 6.5.1 and 8.0.0 have a command injection vulnerability. An... High Unreviewed
CVE-2020-9116 was published May 24, 2022
An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1... Critical Unreviewed
CVE-2020-29381 was published May 24, 2022
An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08. Arbitrary commands... Critical Unreviewed
CVE-2019-19875 was published May 24, 2022
An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P,... Critical Unreviewed
CVE-2020-29056 was published May 24, 2022
In Ortus TestBox 2.4.0 through 4.1.0, unvalidated query string parameters passed to system... Critical Unreviewed
CVE-2020-15929 was published May 24, 2022
VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector... High Unreviewed
CVE-2020-4006 was published May 24, 2022
If exploited, the command injection vulnerability could allow remote attackers to execute... High Unreviewed
CVE-2020-2492 was published May 24, 2022
If exploited, the command injection vulnerability could allow remote attackers to execute... High Unreviewed
CVE-2020-2490 was published May 24, 2022
Some Huawei products have a command injection vulnerability. Due to insufficient input validation... Moderate Unreviewed
CVE-2020-9127 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database