GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,992 advisories
The Management Interface in Citrix NetScaler Application Delivery Controller (ADC) and NetScaler...
High | Unreviewed | CVE-2015-5080 was published May 17, 2022

An issue was discovered in Pivotal Greenplum before 4.3.10.0. Creation of external tables using...
High | Unreviewed | CVE-2016-6656 was published May 17, 2022

Improper neutralization of special elements used in a user input allows an authenticated...
High | Unreviewed | CVE-2022-2323 was published Jul 30, 2022

Realtek rtl819x-SDK before v3.6.1 allows command injection over the web interface.
High | Unreviewed | CVE-2022-29558 was published Jul 29, 2022

Input passed to the Pdf() function is shell escaped and passed to child_process.exec() during PDF...
Critical | Unreviewed | CVE-2016-4991 was published Jul 29, 2022

git-archive vulnerable to Command Injection via exports function
High | CVE-2020-28422 was published for git-archive (npm) Jul 26, 2022

The Parental Control panel in Genexis devices with DRGOS before 1.14.1 allows remote...
High | Unreviewed | CVE-2015-3441 was published May 17, 2022

Tenda i9 v1.0.0.8(3828) was discovered to contain a command injection vulnerability via the...
Critical | Unreviewed | CVE-2022-40100 was published Sep 25, 2022

A command injection vulnerability has been identified in Atos Unify OpenScape 4000 Assistant and...
Critical | Unreviewed | CVE-2022-46404 was published Dec 13, 2022

D-Link DSL-3782 v1.03 and below was discovered to contain a command injection vulnerability via...
High | Unreviewed | CVE-2022-34527 was published Jul 30, 2022

ntesseract vulnerable to Command Injection
Critical | CVE-2020-28446 was published for ntesseract (npm) Jul 26, 2022

The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to...
High | Unreviewed | CVE-2015-1938 was published May 17, 2022

The server in IBM Tivoli Storage Manager FastBack 6.1 before 6.1.12 allows remote attackers to...
High | Unreviewed | CVE-2015-1949 was published May 17, 2022

The remove_bad_chars function in utils/cups-browsed.c in cups-filters before 1.0.66 allows remote...
High | Unreviewed | CVE-2015-2265 was published May 17, 2022

EMC RecoverPoint versions before 4.4.1.1 and EMC RecoverPoint for Virtual Machines versions...
High | Unreviewed | CVE-2016-6649 was published May 17, 2022

Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 was discovered to contain a command...
High | Unreviewed | CVE-2022-34538 was published Jul 20, 2022

The submission service in Dovecot before 2.3.15 allows STARTTLS command injection in lib-smtp....
Moderate | Unreviewed | CVE-2021-33515 was published May 24, 2022

sonar-wrapper Command Injection vulnerability
Critical | CVE-2020-28443 was published for sonar-wrapper (npm) Jul 26, 2022

In Sophos Web Appliance (SWA) before 4.3.1.2, a section of the machine's interface responsible...
Moderate | Unreviewed | CVE-2017-6184 was published May 17, 2022

Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev. 3), Air:Link 5000AC (AL5000AC)...
Critical | Unreviewed | CVE-2016-10312 was published May 17, 2022

The allow_execmod plugin for setroubleshoot before 3.2.23 allows local users to execute arbitrary...
High | Unreviewed | CVE-2016-4444 was published May 17, 2022

The allow_execstack plugin for setroubleshoot allows local users to execute arbitrary commands by...
High | Unreviewed | CVE-2016-4446 was published May 17, 2022

WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 nas.cgi has no filtering on parameters:...
Critical | Unreviewed | CVE-2022-35518 was published Aug 11, 2022

WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 wireless.cgi has no filtering on parameters:...
Critical | Unreviewed | CVE-2022-35538 was published Aug 11, 2022

Digital Watchdog DW MEGApix IP cameras A7.2.2_20211029 was discovered to contain a command...
High | Unreviewed | CVE-2022-34540 was published Jul 20, 2022
ProTip! Advisories are also available from the GraphQL API.