Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,992
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,056
Pub
12
RubyGems
955
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,989 advisories

Loading
(1) boardData102.php, (2) boardData103.php, (3) boardDataJP.php, (4) boardDataNA.php, and (5)... Critical Unreviewed
CVE-2016-1555 was published May 14, 2022
Puppet Arbitrary Command Execution Moderate
CVE-2012-1988 was published for puppet (RubyGems) May 14, 2022
The mdcheck script of the mdadm package for openSUSE 13.2 prior to version 3.3.1-5.14.1 does not... High Unreviewed
CVE-2014-5220 was published May 14, 2022
Kibana versions before 6.6.1 contain an arbitrary code execution flaw in the security audit... Critical Unreviewed
CVE-2019-7610 was published May 14, 2022
Centreon Command Injection High
CVE-2015-1561 was published for centreon/centreon (Composer) May 14, 2022
Apache Struts RCE Vulnerability High
CVE-2016-3081 was published for org.apache.struts:struts2-core (Maven) May 14, 2022
Command injection in workspace-tools Critical
CVE-2022-25865 was published for workspace-tools (npm) May 14, 2022
A command injection vulnerability exists in the Microsoft Wireless Display Adapter (MWDA) when... Moderate Unreviewed
CVE-2018-8306 was published May 13, 2022
In Schneider Electric U.motion Builder software versions prior to v1.3.4, a remote command... Critical Unreviewed
CVE-2018-7785 was published May 13, 2022
There was an command injection vulnerability in Sourcetree for Windows from version 0.5a before... High Unreviewed
CVE-2018-20236 was published May 13, 2022
A Command Injection issue was discovered in Citrix SD-WAN 10.1.0 and NetScaler SD-WAN 9.3.x... Critical Unreviewed
CVE-2018-17445 was published May 13, 2022
The web application on Xerox AltaLink B80xx before 100.008.028.05200, C8030/C8035 before 100.001... Critical Unreviewed
CVE-2018-17172 was published May 13, 2022
An authenticated attacker can execute arbitrary code using command ejection in Eltex ESP-200... High Unreviewed
CVE-2018-15356 was published May 13, 2022
Command Injection vulnerability in QTS 4.3.5 build 20181013, QTS 4.3.4 build 20181008, QTS 4.3.3... Critical Unreviewed
CVE-2018-14746 was published May 13, 2022
DHCP packages in Red Hat Enterprise Linux 6 and 7, Fedora 28, and earlier are vulnerable to a... High Unreviewed
CVE-2018-1111 was published May 13, 2022
Command injection vulnerability in Helpdesk versions 1.1.21 and earlier in QNAP QTS 4.2.6 build... Critical Unreviewed
CVE-2018-0714 was published May 13, 2022
Command injection vulnerability in Music Station 5.1.2 and earlier versions in QNAP QTS 4.3.3 and... Critical Unreviewed
CVE-2018-0718 was published May 13, 2022
Command injection vulnerability in LDAP Server in QNAP QTS 4.2.6 build 20171208, QTS 4.3.3 build... Critical Unreviewed
CVE-2018-0712 was published May 13, 2022
An issue was discovered in certain Apple products. Safari before 11.0.2 is affected. The issue... High Unreviewed
CVE-2017-7161 was published May 13, 2022
The Symantec Messaging Gateway before 10.6.3-267 can encounter an issue of remote code execution,... High Unreviewed
CVE-2017-6327 was published May 13, 2022
Insufficient data validation in crosh could lead to a command injection under chronos privileges... High Unreviewed
CVE-2017-15403 was published May 13, 2022
A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local... Moderate Unreviewed
CVE-2017-12335 was published May 13, 2022
Command injection vulnerability in login.php in Synology Photo Station before 6.5.3-3226 allows... Critical Unreviewed
CVE-2016-10329 was published May 13, 2022
Certain combinations of Junos OS CLI commands and arguments have been found to be exploitable in... High Unreviewed
CVE-2016-4922 was published May 13, 2022
A command injection vulnerability exists in apply.cgi on the ASUS RP-AC52 access point, firmware... Critical Unreviewed
CVE-2016-6558 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database