Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,645
Maven
5,000+
npm
4,271
NuGet
760
pip
4,065
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

4,105 advisories

Loading
nadesiko3 vulnerable to OS Command Injection Critical
CVE-2022-42496 was published for nadesiko3 (npm) Dec 5, 2022
Multiple Xiongmai NVR devices, including MBD6304T V4.02.R11.00000117.10001.131900.00000 and... High Unreviewed
CVE-2022-45045 was published Dec 1, 2022
CGI implementation in Yaws web server versions 1.81 to 2.0.7 is vulnerable to OS command injection. High Unreviewed
CVE-2020-24916 was published May 24, 2022
tz.pl on XoruX LPAR2RRD and STOR2RRD 2.70 virtual appliances allows cmd=set&tz=OS command... High Unreviewed
CVE-2020-24032 was published May 24, 2022
Nadesiko3 OS Command Injection vulnerability Critical
CVE-2022-41642 was published for nadesiko3 (npm) Dec 5, 2022
A Command Injection issue in the traceroute feature on TP-Link TL-WR841N V13 (JP) with firmware... High Unreviewed
CVE-2020-35576 was published May 24, 2022
Nortek Linear eMerge E3-Series devices before 0.32-08f allow an unauthenticated attacker to... Critical Unreviewed
CVE-2022-31499 was published Aug 26, 2022
An OS command injection vulnerability allows admins to execute code via SSL VPN configuration... High Unreviewed
CVE-2022-3226 was published Dec 1, 2022
The Web User Interface in Xerox WorkCentre and WorkCentre Pro before 12.060.17.000, 13.x before... High Unreviewed
CVE-2006-6427 was published May 1, 2022
Dell Container Storage Modules 1.2 contains an OS command injection in goiscsi and gobrick... High Unreviewed
CVE-2022-34374 was published Aug 31, 2022
D-Link DIR-865L Ax 1.20B01 Beta devices allow Command Injection. High Unreviewed
CVE-2020-13782 was published May 24, 2022
An unauthenticated command injection vulnerability in the product license validation function of... Critical Unreviewed
CVE-2022-43325 was published Dec 2, 2022
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... Critical Unreviewed
CVE-2022-4221 was published Dec 1, 2022
An issue was discovered in URVE Build 24.03.2020. By using the _internal/pc/vpro.php?mac=0&ip=0... Critical Unreviewed
CVE-2020-29552 was published May 24, 2022
CONPROSYS HMI System (CHS) Ver.3.4.4?and earlier allows a remote unauthenticated attacker to... Critical Unreviewed
CVE-2022-44456 was published Dec 19, 2022
Etomite Content Management System 0.6, and possibly earlier versions, when downloaded from the... High Unreviewed
CVE-2006-0325 was published May 1, 2022
Command Injection in pdfinfojs Critical
CVE-2018-3746 was published for pdfinfojs (npm) Jun 7, 2018
IBM API Connect 5.0.0.0 and 5.0.8.6 Developer Portal is vulnerable to command injection. An... Critical Unreviewed
CVE-2019-4202 was published May 13, 2022
A privilege escalation vulnerability exists in SolarWinds Serv-U before 15.1.7 for Linux. High Unreviewed
CVE-2019-12181 was published May 24, 2022
vim 6.3 before 6.3.082, with modelines enabled, allows external user-assisted attackers to... High Unreviewed
CVE-2005-2368 was published May 1, 2022
SAP GUI allows an authenticated attacker to execute scripts in the local network. On successful... Moderate Unreviewed
CVE-2022-41205 was published Nov 9, 2022
Authenticated command injection vulnerabilities exist in the AOS-CX Network Analytics Engine via... High Unreviewed
CVE-2022-23683 was published Sep 7, 2022
OS Command Injection vulnerability in the db_optimize component of Device42 Asset Management... High Unreviewed
CVE-2022-1410 was published Aug 18, 2022
A vulnerability in the hardware initialization routines of Cisco IOS XE Software for Cisco 1100... High Unreviewed
CVE-2021-1441 was published May 24, 2022
Multiple vulnerabilities exist in the AOS-CX command line interface that could lead to... High Unreviewed
CVE-2022-23682 was published Sep 7, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database