GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,603
Composer 5,006
Erlang 39
GitHub Actions 38
Go 2,636
Maven 6,104
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,513

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

4,101 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The setSystemTime function in Foscam Cameras C1 Lite V3, and C1 V3 with firmware 2.82.2.33 and... High Unreviewed

CVE-2018-6831 was published May 13, 2022

An issue was discovered in soliduiserver/deviceserviceaction.cpp in KDE Plasma Workspace before 5... High Unreviewed

CVE-2018-6791 was published May 13, 2022

Arbitrary logs location in Trend Micro Email Encryption Gateway 5.5 could allow an attacker to... High Unreviewed

CVE-2018-6222 was published May 13, 2022

A server auth command injection authentication bypass vulnerability in Trend Micro Smart... Critical Unreviewed

CVE-2018-6231 was published May 13, 2022

Seagate Media Server in Seagate Personal Cloud has unauthenticated command injection in the... Critical Unreviewed

CVE-2018-5347 was published May 13, 2022

Multiple command injection vulnerabilities in NeDi before 1.7Cp3 allow authenticated users to... High Unreviewed

CVE-2018-20727 was published May 13, 2022

An issue was discovered on Teracue ENC-400 devices with firmware 2.56 and below. The login form... Critical Unreviewed

CVE-2018-20218 was published May 13, 2022

An issue was discovered in MISP 2.4.9x before 2.4.99. In app/Model/Event.php (the STIX 1 import... High Unreviewed

CVE-2018-19908 was published May 13, 2022

Shell Metacharacter Injection in www/modules/save.php in FruityWifi (aka PatatasFritas/PatataWifi... Critical Unreviewed

CVE-2018-19168 was published May 13, 2022

In modules/HELPBOT_MODULE in Budabot 0.6 through 4.0, lax syntax validation allows remote... Critical Unreviewed

CVE-2018-19290 was published May 13, 2022

An issue was discovered on Tenda AC9 V15.03.05.19(6318)_CN, AC15 V15.03.05.19_CN, and AC18 V15.03... Critical Unreviewed

CVE-2018-18728 was published May 13, 2022

The remote upgrade feature in Guardzilla GZ180 devices allow command injection via a crafted new... High Unreviewed

CVE-2018-18600 was published May 13, 2022

A command injection vulnerability in the setup API in the Neato Botvac Connected 2.2.0 allows... High Unreviewed

CVE-2018-18638 was published May 13, 2022

A sandbox escape issue was discovered in VyOS 1.1.8. It provides a restricted management shell... Critical Unreviewed

CVE-2018-18555 was published May 13, 2022

CentOS-WebPanel.com (aka CWP) CentOS Web Panel 0.9.8.480 has Command Injection via shell... Critical Unreviewed

CVE-2018-18322 was published May 13, 2022

The Port Forwarding functionality on DASAN H660GW devices allows remote attackers to execute... High Unreviewed

CVE-2018-17867 was published May 13, 2022

Shell Metacharacter Injection in the SSH configuration interface on Grandstream GXP16xx VoIP 1.0... Critical Unreviewed

CVE-2018-17565 was published May 13, 2022

On D-Link DIR-823G devices, the GoAhead configuration allows /HNAP1 Command Injection via shell... Critical Unreviewed

CVE-2018-17787 was published May 13, 2022

Linksys Velop 1.1.2.187020 devices allow unauthenticated command injection, providing an attacker... High Unreviewed

CVE-2018-17208 was published May 13, 2022

nmap4j 1.1.0 allows attackers to execute arbitrary commands via shell metacharacters in an... Critical Unreviewed

CVE-2018-17228 was published May 13, 2022

An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used... Critical Unreviewed

CVE-2018-17064 was published May 13, 2022

An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used... Critical Unreviewed

CVE-2018-17068 was published May 13, 2022

An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used... Critical Unreviewed

CVE-2018-17066 was published May 13, 2022

An issue was discovered on D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used... Critical Unreviewed

CVE-2018-17063 was published May 13, 2022

LINK-NET LW-N605R devices with firmware 12.20.2.1486 allow Remote Code Execution via shell... High Unreviewed

CVE-2018-16752 was published May 13, 2022

Previous 1…133…165 Next

Previous 1 2 … 131 132 133 134 135 … 164 165 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

4,101 advisories