Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,992 advisories

Loading
Unauthenticated Remote Command Injection in ep_imageconvert High
CVE-2013-3364 was published for ep_imageconvert (npm) Aug 31, 2020
Command Injection in cocos-utils High
GHSA-rffp-mc78-wjf7 was published for cocos-utils (npm) Sep 2, 2020
Command Injection in ungit Critical
CVE-2015-4130 was published for ungit (npm) Aug 31, 2020
Command Injection in wxchangba Moderate
GHSA-j6v9-xgvh-f796 was published for wxchangba (npm) Sep 11, 2020
Command Injection in samsung-remote Critical
GHSA-xhjx-mfr6-9rr4 was published for samsung-remote (npm) Sep 1, 2020
Command Injection in standard-version Moderate
GHSA-7xcx-6wjh-7xp2 was published for standard-version (npm) Jul 13, 2020
Critical severity vulnerability that affects Haraka Critical
CVE-2016-1000282 was published for Haraka (npm) Feb 12, 2019
Potential Command Injection in codem-transcode High
CVE-2013-7377 was published for codem-transcode (npm) Nov 28, 2017
Command Injection in fs-path High
GHSA-gc94-6w89-hpqr was published for fs-path (npm) Jun 12, 2019
Mooninaut
Credited to Mooninaut
Command injection in mversion High
CVE-2020-4059 was published for mversion (npm) Jun 18, 2020
High severity vulnerability that affects indico High
GHSA-67cx-rhhq-mfhq was published for indico (pip) Oct 11, 2019
Potential Command Injection in printer Critical
CVE-2014-3741 was published for printer (npm) Nov 28, 2017
Command Injection in open Critical
GHSA-28xh-wpgr-7fm8 was published for open (npm) Jun 20, 2019
Command Injection in dot Moderate
GHSA-4859-gpc7-4j66 was published for dot (npm) Jun 5, 2019
Rate Limiting Bypass in express-brute Moderate
GHSA-984p-xq9m-4rjw was published for express-brute (npm) Jun 7, 2019
Command Injection in opencv Low
GHSA-f698-m2v9-5fh3 was published for opencv (npm) Jun 4, 2019
Command Injection in fs-git High
CVE-2017-16087 was published for fs-git (npm) May 29, 2019
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database