GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,603
Composer 5,006
Erlang 39
GitHub Actions 38
Go 2,636
Maven 6,104
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,816

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

2,992 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A command injection vulnerability was discovered in Gitlab runner versions prior to 13.2.4, 13.3... Critical Unreviewed

CVE-2020-13347 was published May 24, 2022

An issue was discovered in KDE Partition Manager 4.1.0 before 4.2.0. The kpmcore_externalcommand... High Unreviewed

CVE-2020-27187 was published May 24, 2022

Improper neutralization of argument delimiters in a command in Nagios XI 5.7.3 allows a remote,... High Unreviewed

CVE-2020-5792 was published May 24, 2022

An issue was discovered in Titan SpamTitan 7.07. Improper input sanitization of the parameter... Critical Unreviewed

CVE-2020-11698 was published May 24, 2022

u'In the lbd service, an external user can issue a specially crafted debug command to overwrite... High Unreviewed

CVE-2020-11117 was published May 24, 2022

Several potential command injections vulnerabilities exist in the AT command interface of ALEOS... Moderate Unreviewed

CVE-2019-11853 was published May 24, 2022

DrayTek Vigor3900, Vigor2960, and Vigor300B with firmware before 1.5.1.1 is affected by a remote... High Unreviewed

CVE-2020-14472 was published May 24, 2022

TOTOLINK-720R v4.1.5cu.374 was discovered to contain a remote code execution (RCE) vulnerability... High Unreviewed

CVE-2022-38535 was published Sep 16, 2022

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 1). An... High Unreviewed

CVE-2022-45094 was published Jan 10, 2023

wifey vulnerable to Command Injection due to improper input sanitization Critical

CVE-2022-25890 was published for wifey (npm) Jan 9, 2023

TOTOLINK-720R v4.1.5cu.374 was discovered to contain a remote code execution (RCE) vulnerability... High Unreviewed

CVE-2022-38534 was published Sep 16, 2022

A vulnerability in the CLI of Cisco IOS XE SD-WAN Software and Cisco IOS XE Software could allow... High Unreviewed

CVE-2021-34729 was published May 24, 2022

SolarView Compact 6.00 was discovered to contain a command injection vulnerability via... Critical Unreviewed

CVE-2022-40881 was published Nov 17, 2022

A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local... High Unreviewed

CVE-2021-34725 was published May 24, 2022

Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow... High Unreviewed

CVE-2021-34756 was published May 24, 2022

Multiple vulnerabilities in the web-based management interface of the Cisco Catalyst Passive... Critical Unreviewed

CVE-2021-40113 was published May 24, 2022

A vulnerability in the CLI of Cisco SD-WAN Software could allow an authenticated, local attacker... High Unreviewed

CVE-2021-34726 was published May 24, 2022

A command injection vulnerability in sftp command processing on Juniper Networks Junos OS Evolved... High Unreviewed

CVE-2021-31358 was published May 24, 2022

A command injection vulnerability in tcpdump command processing on Juniper Networks Junos OS... High Unreviewed

CVE-2021-31357 was published May 24, 2022

A vulnerability in the web-based management interface of Cisco Intersight Virtual Appliance could... High Unreviewed

CVE-2021-34748 was published May 24, 2022

Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability... Moderate Unreviewed

CVE-2019-17101 was published May 24, 2022

The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a... Moderate Unreviewed

CVE-2020-6811 was published May 24, 2022

iCatch DVR do not validate function parameter properly, resulting attackers executing arbitrary... Moderate Unreviewed

CVE-2020-10514 was published May 24, 2022

The web interface of the Vertiv Avocent UMG-4000 version 4.2.1.19 is vulnerable to command... High Unreviewed

CVE-2019-9507 was published May 24, 2022

In GraphicsMagick before 1.3.32, the text filename component allows remote attackers to read... Moderate Unreviewed

CVE-2019-12921 was published May 24, 2022

Previous 1…104…120 Next

Previous 1 2 … 102 103 104 105 106 … 119 120 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,992 advisories