Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,645
Maven
5,000+
npm
4,271
NuGet
760
pip
4,065
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,002 advisories

Loading
The SonicWall Secure Remote Access server (version 8.1.0.2-14sv) is vulnerable to a Remote... Critical Unreviewed
CVE-2016-9683 was published May 14, 2022
osc before 0.151.0 allows remote attackers to execute arbitrary commands via shell metacharacters... High Unreviewed
CVE-2015-0778 was published May 14, 2022
An issue was discovered in Amanda 3.3.1. A user with backup privileges can trivially compromise a... High Unreviewed
CVE-2016-10729 was published May 14, 2022
Bluetooth in Android before 5.1.1 LMY48X and 6.0 before 2015-11-01 allows attackers to send... Moderate Unreviewed
CVE-2015-6613 was published May 14, 2022
DLINK - DSL-224 Post-auth PCE. DLINK router has an interface where you can configure NTP servers ... Critical Unreviewed
CVE-2022-36786 was published Nov 18, 2022
An issue was discovered in CMS Made Simple 2.2.8. It is possible, with an administrator account,... High Unreviewed
CVE-2019-9059 was published May 14, 2022
Command injection vulnerability in firmware_cgi in GL.iNet GL-AR300M-Lite devices with firmware 2... High Unreviewed
CVE-2019-6275 was published May 14, 2022
Command injection vulnerability in login_cgi in GL.iNet GL-AR300M-Lite devices with firmware 2.27... High Unreviewed
CVE-2019-6272 was published May 14, 2022
An issue was discovered on PHOENIX CONTACT RAD-80211-XD and RAD-80211-XD/HP-BUS devices. Command... High Unreviewed
CVE-2019-9743 was published May 14, 2022
The mdcheck script of the mdadm package for openSUSE 13.2 prior to version 3.3.1-5.14.1 does not... High Unreviewed
CVE-2014-5220 was published May 14, 2022
Kibana versions before 6.6.1 contain an arbitrary code execution flaw in the security audit... Critical Unreviewed
CVE-2019-7610 was published May 14, 2022
monorepo-build Command Injection vulnerability Critical
CVE-2020-28423 was published for monorepo-build (npm) Aug 3, 2022
A command injection vulnerability exists in the Microsoft Wireless Display Adapter (MWDA) when... Moderate Unreviewed
CVE-2018-8306 was published May 13, 2022
Command injection in workspace-tools Critical
CVE-2022-25865 was published for workspace-tools (npm) May 14, 2022
In Schneider Electric U.motion Builder software versions prior to v1.3.4, a remote command... Critical Unreviewed
CVE-2018-7785 was published May 13, 2022
There was an command injection vulnerability in Sourcetree for Windows from version 0.5a before... High Unreviewed
CVE-2018-20236 was published May 13, 2022
The web application on Xerox AltaLink B80xx before 100.008.028.05200, C8030/C8035 before 100.001... Critical Unreviewed
CVE-2018-17172 was published May 13, 2022
An authenticated attacker can execute arbitrary code using command ejection in Eltex ESP-200... High Unreviewed
CVE-2018-15356 was published May 13, 2022
A Command Injection issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x... Critical Unreviewed
CVE-2018-17445 was published May 13, 2022
Command Injection vulnerability in QTS 4.3.5 build 20181013, QTS 4.3.4 build 20181008, QTS 4.3.3... Critical Unreviewed
CVE-2018-14746 was published May 13, 2022
Command injection vulnerability in Helpdesk versions 1.1.21 and earlier in QNAP QTS 4.2.6 build... Critical Unreviewed
CVE-2018-0714 was published May 13, 2022
Command injection vulnerability in Music Station 5.1.2 and earlier versions in QNAP QTS 4.3.3 and... Critical Unreviewed
CVE-2018-0718 was published May 13, 2022
Command injection vulnerability in LDAP Server in QNAP QTS 4.2.6 build 20171208, QTS 4.3.3 build... Critical Unreviewed
CVE-2018-0712 was published May 13, 2022
An issue was discovered in certain Apple products. Safari before 11.0.2 is affected. The issue... High Unreviewed
CVE-2017-7161 was published May 13, 2022
AP Manager in Innovaphone before 13r2 Service Release 17 allows command injection via a modified... Critical Unreviewed
CVE-2022-41870 was published Oct 1, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database