Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,992 advisories

Loading
TOTOLINK A3002RU-V2.0.0 B20190814.1034 allows authenticated remote users to modify the system's ... High Unreviewed
CVE-2020-25499 was published May 24, 2022
Rostelecom CS-C2SHW 5.0.082.1 is affected by: Bash command injection. The camera reads... Moderate Unreviewed
CVE-2020-27542 was published May 24, 2022
An issue was discovered in B&R Industrial Automation APROL before R4.2 V7.08. Arbitrary commands... Critical Unreviewed
CVE-2019-19875 was published May 24, 2022
An issue was discovered on CDATA 72408A, 9008A, 9016A, 92408A, 92416A, 9288, 97016, 97024P,... Critical Unreviewed
CVE-2020-29056 was published May 24, 2022
IBM Spectrum LSF 10.1 and IBM Spectrum LSF Suite 10.2 could allow a user on the local network who... High Unreviewed
CVE-2020-4983 was published May 24, 2022
IBM Security Guardium 10.6 and 11.2 could allow a local attacker to execute arbitrary commands on... High Unreviewed
CVE-2020-4688 was published May 24, 2022
If exploited, the command injection vulnerability could allow remote attackers to execute... High Unreviewed
CVE-2020-2490 was published May 24, 2022
A command injection vulnerability has been reported to affect QTS and QuTS hero. If exploited,... High Unreviewed
CVE-2020-2508 was published May 24, 2022
The NDN-210 has a web administration panel which is made available over https. There is a command... High Unreviewed
CVE-2020-17503 was published May 24, 2022
Barco TransForm NDN-210 Lite, NDN-210 Pro, NDN-211 Lite, and NDN-211 Pro before 3.8 allows... Critical Unreviewed
CVE-2020-17500 was published May 24, 2022
The NDN-210 has a web administration panel which is made available over https. There is a command... High Unreviewed
CVE-2020-17504 was published May 24, 2022
A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local... High Unreviewed
CVE-2021-1382 was published May 24, 2022
NETGEAR NMS300 devices before 1.6.0.27 are affected by command injection by an unauthenticated... Critical Unreviewed
CVE-2020-35797 was published May 24, 2022
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... Moderate Unreviewed
CVE-2020-35792 was published May 24, 2022
NETGEAR NMS300 devices before 1.6.0.27 are affected by command injection by an authenticated user. High Unreviewed
CVE-2020-35789 was published May 24, 2022
A remote unauthenticated arbitrary code execution vulnerability was discovered in Aruba Airwave... Critical Unreviewed
CVE-2020-7128 was published May 24, 2022
In netdiag, there is a possible command injection due to improper input validation. This could... Moderate Unreviewed
CVE-2021-0356 was published May 24, 2022
Command Injection in the CPE WAN Management Protocol (CWMP) registration in Amino Communications... High Unreviewed
CVE-2020-10209 was published May 24, 2022
DrayTek Vigor2960 1.5.1 allows remote command execution via shell metacharacters in a toLogin2FA... High Unreviewed
CVE-2020-19664 was published May 24, 2022
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability... High Unreviewed
CVE-2020-8101 was published May 24, 2022
vBulletin 5.5.4 through 5.6.2 allows remote command execution via crafted subWidgets data in an... Critical Unreviewed
CVE-2020-7373 was published May 24, 2022
This command injection vulnerability allows attackers to execute arbitrary commands in a... High Unreviewed
CVE-2020-25847 was published May 24, 2022
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... Moderate Unreviewed
CVE-2020-35793 was published May 24, 2022
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... Moderate Unreviewed
CVE-2020-35790 was published May 24, 2022
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... High Unreviewed
CVE-2020-35798 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database