GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,992 advisories
TOTOLINK A3100R V4.1.2cu.5050_B20200504 and V4.1.2cu.5247_B20211129 were discovered to contain a...
High | Unreviewed | CVE-2022-29639 was published May 19, 2022
Vulnerability in Fidelis Network and Deception CommandPost enables authenticated command...
High | Unreviewed | CVE-2022-24394 was published May 18, 2022
Vulnerability in rconfig “remote_text_file” enables an attacker with user level access to the CLI...
High | Unreviewed | CVE-2022-24390 was published May 18, 2022
An authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy...
High | Unreviewed | CVE-2022-23673 was published May 18, 2022
Vulnerability in Fidelis Network and Deception CommandPost enables authenticated command...
High | Unreviewed | CVE-2022-24393 was published May 18, 2022
The remote administration interface in D-Link DIR-815 devices with firmware before 2.03.B02...
Critical | Unreviewed | CVE-2014-8888 was published May 17, 2022
Vulnerability in Fidelis Network and Deception CommandPost enables authenticated command...
High | Unreviewed | CVE-2022-24392 was published May 18, 2022
An authenticated remote command injection vulnerability was discovered in Aruba ClearPass Policy...
High | Unreviewed | CVE-2022-23672 was published May 18, 2022
Vulnerability in rconfig “cert_utils” enables an attacker with user level access to the CLI to...
High | Unreviewed | CVE-2022-24389 was published May 18, 2022
LPAR2RRD ≤ 4.53 and ≤ 3.5 has arbitrary command injection on the application server.
High | Unreviewed | CVE-2014-4982 was published May 17, 2022
There is a command injection vulnerability in ZTE MF286R, due to insufficient validation of the...
Critical | Unreviewed | CVE-2022-39073 was published Jan 6, 2023
Ghidra/RuntimeScripts/Linux/support/launch.sh in NSA Ghidra through 10.2.2 passes user-provided...
Critical | Unreviewed | CVE-2023-22671 was published Jan 6, 2023
A vulnerability was found in trampgeek jobe up to 1.6.x and classified as critical. This issue...
Critical | Unreviewed | CVE-2020-36642 was published Jan 6, 2023
TOTOLINK T6 V4.1.5cu.709_B20210518 is vulnerable to command injection via cstecgi.cgi
Critical | Unreviewed | CVE-2022-38828 was published Sep 17, 2022
If exploited, this command injection vulnerability could allow remote attackers to execute...
Critical | Unreviewed | CVE-2018-19950 was published May 24, 2022
In TOTOLINK T6 V4.1.5cu.709_B20210518, there is an arbitrary command execution vulnerability in cstecgi.cgi.
Critical | Unreviewed | CVE-2022-38826 was published Sep 17, 2022
TOTOLink A700RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability...
Critical | Unreviewed | CVE-2022-38308 was published Sep 15, 2022
git_http_controller.rb in the redmine_git_hosting plugin for Redmine allows remote attackers to...
High | Unreviewed | CVE-2013-4663 was published May 17, 2022
Unrestricted file upload vulnerability in ls/vw_snapshots.php in the VideoWhisper Live Streaming...
High | Unreviewed | CVE-2014-1905 was published May 17, 2022
The wfMangleFlashPolicy function in OutputHandler.php in MediaWiki before 1.19.22, 1.20.x through...
High | Unreviewed | CVE-2014-9277 was published May 17, 2022
Common LaTeX Service Interface (CLSI) before 0.1.3, as used in ShareLaTeX before 0.1.3, allows...
Moderate | Unreviewed | CVE-2015-0934 was published May 17, 2022
Apache Airflow Hive Provider vulnerable to Command Injection
Critical | CVE-2022-46421 was published for apache-airflow-providers-apache-hive (pip) Dec 20, 2022
The saveObject function in moadmin.php in phpMoAdmin 1.1.2 allows remote attackers to execute...
High | Unreviewed | CVE-2015-2208 was published May 17, 2022
cloner.functions.php in the XCloner plugin 3.1.2 for WordPress allows remote authenticated users...
Moderate | Unreviewed | CVE-2015-4336 was published May 17, 2022
The log-gather implementation in the web administration interface in EMC Isilon OneFS 6.5.x.x...
High | Unreviewed | CVE-2015-4525 was published May 17, 2022