Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

4,101 advisories

Loading
QNAP NAS application Media Streaming add-on version 421.1.0.2, 430.1.2.0, and earlier allows... Critical Unreviewed
CVE-2017-7640 was published May 14, 2022
QQQ SYSTEMS version 2.24 allows an attacker to execute arbitrary commands via unspecified vectors. Critical Unreviewed
CVE-2018-0539 was published May 14, 2022
LXR version 1.0.0 to 2.3.0 allows remote attackers to execute arbitrary OS commands via... Critical Unreviewed
CVE-2018-0545 was published May 14, 2022
Buffalo WZR-1750DHP2 Ver.2.30 and earlier allows an attacker to execute arbitrary OS commands via... High Unreviewed
CVE-2018-0556 was published May 14, 2022
Silex SD-320AN version 2.01 and prior and GE MobileLink(GEH-SD-320AN) version GEH-1.1 and prior... High Unreviewed
CVE-2018-6021 was published May 14, 2022
All Phoenix Contact managed FL SWITCH 3xxx, 4xxx, 48xx products running firmware version 1.0 to 1... Critical Unreviewed
CVE-2018-10730 was published May 14, 2022
Adobe Dreamweaver CC versions 18.0 and earlier have an OS Command Injection vulnerability.... Critical Unreviewed
CVE-2018-4924 was published May 14, 2022
Adobe Connect versions 9.7 and earlier have an exploitable OS Command Injection. Successful... Critical Unreviewed
CVE-2018-4923 was published May 14, 2022
QNAP NAS application Proxy Server through version 1.2.0 allows remote attackers to run arbitrary... Critical Unreviewed
CVE-2017-7637 was published May 14, 2022
GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of... High Unreviewed
CVE-2014-6277 was published May 14, 2022
On D-Link DIR-620 devices with a certain customized (by ISP) variant of firmware 1.0.3, 1.0.37, 1... High Unreviewed
CVE-2018-6211 was published May 14, 2022
Ubiquiti Networks EdgeSwitch version 1.7.3 and prior suffer from an improperly neutralized... High Unreviewed
CVE-2018-12591 was published May 14, 2022
index.php in Softaculous Webuzo before 2.1.4 allows remote attackers to execute arbitrary... High Unreviewed
CVE-2013-6041 was published May 14, 2022
AVM Fritz!Box allows remote attackers to execute arbitrary commands via shell metacharacters in... High Unreviewed
CVE-2014-9727 was published May 14, 2022
OS Command Injection in baserCMS High
CVE-2018-0569 was published for baserproject/basercms (Composer) May 14, 2022
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations... Critical Unreviewed
CVE-2017-17411 was published May 14, 2022
OS command injection in the AP mode settings feature in /cgi-bin/luci /api/misystem... Critical Unreviewed
CVE-2018-14060 was published May 14, 2022
OS command injection in the guest Wi-Fi settings feature in /cgi-bin/luci on Xiaomi R3P before 2... Critical Unreviewed
CVE-2018-14010 was published May 14, 2022
A command injection vulnerability was found in the web administration console in SoftNAS Cloud... Critical Unreviewed
CVE-2018-14417 was published May 14, 2022
OCS Inventory 2.4.1 is prone to a remote command-execution vulnerability. Specifically, this... High Unreviewed
CVE-2018-12483 was published May 14, 2022
EMC Documentum Content Server before 6.7 SP1 P28, 6.7 SP2 before P14, 7.0 before P15, and 7.1... High Unreviewed
CVE-2014-2507 was published May 14, 2022
config/userAdmin/login.tdf in Infoblox NetMRI before 6.8.5 allows remote attackers to execute... High Unreviewed
CVE-2014-3418 was published May 14, 2022
The WP-DBManager (aka Database Manager) plugin before 2.7.2 for WordPress allows remote... Moderate Unreviewed
CVE-2014-8334 was published May 14, 2022
cgi-bin/mft/wireless_mft.cgi in AirLive BU-2015 with firmware 1.03.18 16.06.2014, AirLive BU-3026... Critical Unreviewed
CVE-2014-8389 was published May 14, 2022
cgi/utility.cgi in Advantech EKI-6340 2.05 Wi-Fi Mesh Access Point allows remote authenticated... High Unreviewed
CVE-2014-8387 was published May 14, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database