GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,989 advisories
A command injection can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX)...
High | Unreviewed | CVE-2018-19445 was published May 24, 2022

An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides...
High | Unreviewed | CVE-2017-9384 was published May 24, 2022

An issue was discovered on Vera VeraEdge 1.7.19 and Veralite 1.7.481 devices. The device provides...
High | Unreviewed | CVE-2017-9388 was published May 24, 2022

In NETGEAR ReadyNAS Surveillance before 1.4.3-17 x86 and before 1.1.4-7 ARM, $_GET['uploaddir']...
Critical | Unreviewed | CVE-2017-18378 was published May 24, 2022

An issue was discovered on Wireless IP Camera (P2P) WIFICAM cameras. There is Command Injection...
Critical | Unreviewed | CVE-2017-18377 was published May 24, 2022

On Seowon Intech routers, there is a Command Injection vulnerability in diagnostic.cgi via shell...
Critical | Unreviewed | CVE-2016-10760 was published May 24, 2022

An issue was discovered on D-Link DIR-818LW devices from 2.05.B03 to 2.06B01 BETA. There is a...
High | Unreviewed | CVE-2019-12786 was published May 24, 2022

Xiaomi Stock Browser 10.2.4.g on Xiaomi Redmi Note 5 Pro devices and other Redmi Android phones...
Moderate | Unreviewed | CVE-2018-20523 was published May 24, 2022

A command injection can occur for specially crafted PDF files in Foxit Reader SDK (ActiveX)...
High | Unreviewed | CVE-2018-19451 was published May 24, 2022

Computrols CBAS 18.0.0 allows Authenticated Command Injection.
High | Unreviewed | CVE-2019-10854 was published May 24, 2022

A Command Injection vulnerability exists in the web-based GUI of the 1st Gen Pelco Sarix Enhanced...
High | Unreviewed | CVE-2018-7825 was published May 24, 2022

A Command Injection vulnerability exists in the web-based GUI of the 1st Gen Pelco Sarix Enhanced...
High | Unreviewed | CVE-2018-7826 was published May 24, 2022

A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an...
High | Unreviewed | CVE-2019-1780 was published May 24, 2022

A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an...
High | Unreviewed | CVE-2019-1795 was published May 24, 2022

A vulnerability in the CLI of Cisco FXOS Software and Cisco NX-OS Software could allow an...
High | Unreviewed | CVE-2019-1779 was published May 24, 2022

An issue was discovered in Dillon Kane Tidal Workload Automation Agent 3.2.0.5 (formerly known as...
High | Unreviewed | CVE-2019-6689 was published May 24, 2022

The GitController in Jakub Chodounsky Bonobo Git Server before 6.5.0 allows execution of...
Critical | Unreviewed | CVE-2019-11217 was published May 24, 2022

Cribl UI 1.5.0 allows remote attackers to run arbitrary commands via an unauthenticated web request.
Critical | Unreviewed | CVE-2019-11076 was published May 24, 2022

Command injection in Apache Maven maven-shared-utils
Critical | CVE-2022-29599 was published for org.apache.maven.shared:maven-shared-utils (Maven) May 24, 2022

Thecus 4800Eco was discovered to contain a command injection vulnerability via the username...
Critical | Unreviewed | CVE-2021-34111 was published May 21, 2022

A command injection security vulnerability has been identified in HPE Nimble Storage Hybrid Flash...
Critical | Unreviewed | CVE-2022-28618 was published May 21, 2022

TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a...
High | Unreviewed | CVE-2022-29639 was published May 19, 2022

An authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy...
High | Unreviewed | CVE-2022-23673 was published May 18, 2022

An authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy...
High | Unreviewed | CVE-2022-23672 was published May 18, 2022

Vulnerability in rconfig “cert_utils” enables an attacker with user level access to the CLI to...
High | Unreviewed | CVE-2022-24389 was published May 18, 2022
ProTip! Advisories are also available from the GraphQL API.