GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,992 advisories
Rapid7's Metasploit msfvenom framework handles APK files in a way that allows for a malicious...
High
Unreviewed
CVE-2020-7384
was published
May 24, 2022
Arbitrary command execution can occur in Webmin through 1.962. Any user authorized for the...
High
Unreviewed
CVE-2020-35606
was published
May 24, 2022
Winston 1.5.4 devices are vulnerable to command injection via the API.
Critical
Unreviewed
CVE-2020-16257
was published
May 24, 2022
A command injection vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2...
Critical
Unreviewed
CVE-2020-8466
was published
May 24, 2022
A remote execution of arbitrary commands vulnerability was discovered in Aruba Airwave Software...
High
Unreviewed
CVE-2020-24632
was published
May 24, 2022
A remote execution of arbitrary commands vulnerability was discovered in Aruba Airwave Software...
High
Unreviewed
CVE-2020-24631
was published
May 24, 2022
There is command injection when ddns processes the hostname, which causes the administrator user...
High
Unreviewed
CVE-2020-14102
was published
May 24, 2022
An arbitrary command execution vulnerability exists in the fopen() function of file writes of...
Critical
Unreviewed
CVE-2020-25483
was published
May 24, 2022
Ubilling v1.0.9 allows Remote Command Execution as Root user by executing a malicious command...
Critical
Unreviewed
CVE-2020-29311
was published
May 24, 2022
Barco TransForm N before 3.8 allows Command Injection (issue 2 of 4). The NDN-210 has a web...
High
Unreviewed
CVE-2020-17502
was published
May 24, 2022
Foxit PDF ActiveX before 5.5.1 allows remote code execution via command injection because of the...
High
Unreviewed
CVE-2018-19418
was published
May 24, 2022
An attacker is able to remotely inject arbitrary commands by sending especially crafted packets...
Critical
Unreviewed
CVE-2020-24634
was published
May 24, 2022
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects...
Moderate
Unreviewed
CVE-2020-35791
was published
May 24, 2022
Command Injection in EntoneWebEngine in Amino Communications AK45x series, AK5xx series, AK65x...
Critical
Unreviewed
CVE-2020-10208
was published
May 24, 2022
In Ortus TestBox 2.4.0 through 4.1.0, unvalidated query string parameters passed to system...
Critical
Unreviewed
CVE-2020-15929
was published
May 24, 2022
Huawei FusionCompute versions 6.5.1 and 8.0.0 have a command injection vulnerability. An...
High
Unreviewed
CVE-2020-9116
was published
May 24, 2022
D-Link DAP-1360U before 3.0.1 devices allow remote authenticated users to execute arbitrary...
High
Unreviewed
CVE-2020-26582
was published
May 24, 2022
Some Huawei products have a command injection vulnerability. Due to insufficient input validation...
Moderate
Unreviewed
CVE-2020-9127
was published
May 24, 2022
A remote execution of arbitrary commands vulnerability was discovered in Aruba Airwave Software...
High
Unreviewed
CVE-2020-7129
was published
May 24, 2022
A command injection vulnerability exists in Moxa Inc VPort 461 Series Firmware Version 3.4 or...
Critical
Unreviewed
CVE-2020-23639
was published
May 24, 2022
tdpServer on TP-Link Archer A7 AC1750 devices before 201029 allows remote attackers to execute...
Critical
Unreviewed
CVE-2020-28347
was published
May 24, 2022
An issue was discovered on V-SOL V1600D V2.03.69 and V2.03.57, V1600D4L V1.01.49, V1600D-MINI V1...
Critical
Unreviewed
CVE-2020-29381
was published
May 24, 2022
If exploited, the command injection vulnerability could allow remote attackers to execute...
High
Unreviewed
CVE-2020-2492
was published
May 24, 2022
In CMSuno 1.6.2, an attacker can inject malicious PHP code as a "username" while changing his/her...
High
Unreviewed
CVE-2020-25557
was published
May 24, 2022
An authenticated attacker can inject malicious code into "lang" parameter in /uno/central.php...
High
Unreviewed
CVE-2020-25538
was published
May 24, 2022