Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

4,101 advisories

Loading
An issue was discovered in mgetty before 1.2.1. In fax_notify_mail() in faxrec.c, the mail_to... High Unreviewed
CVE-2018-16744 was published May 13, 2022
LINK-NET LW-N605R devices with firmware 12.20.2.1486 allow Remote Code Execution via shell... High Unreviewed
CVE-2018-16752 was published May 13, 2022
An authenticated command injection vulnerability exists in IPFire Firewall before 2.21 Core... High Unreviewed
CVE-2018-16232 was published May 13, 2022
RICOH Interactive Whiteboard D2200 V1.6 to V2.2, D5500 V1.6 to V2.2, D5510 V1.6 to V2.2, and the... Critical Unreviewed
CVE-2018-16184 was published May 13, 2022
The web management console of Opsview Monitor 5.4.x before 5.4.2 provides functionality... High Unreviewed
CVE-2018-16146 was published May 13, 2022
The test connection functionality in the NetAudit section of Opsview Monitor before 5.3.1 and 5.4... Critical Unreviewed
CVE-2018-16144 was published May 13, 2022
In System Management Module (SMM) versions prior to 1.06, a field in the header of SMM firmware... High Unreviewed
CVE-2018-16089 was published May 13, 2022
In System Management Module (SMM) versions prior to 1.06, the SMM certificate creation and... High Unreviewed
CVE-2018-16090 was published May 13, 2022
System command injection in request_mitv in Xiaomi Mi Router 3 version 2.22.15 allows attackers... High Unreviewed
CVE-2018-16130 was published May 13, 2022
An authenticated command injection vulnerability exists in status_interfaces.php via... High Unreviewed
CVE-2018-16055 was published May 13, 2022
Nagios XI 5.5.6 allows local authenticated attackers to escalate privileges to root via... High Unreviewed
CVE-2018-15710 was published May 13, 2022
Nagios XI 5.5.6 allows remote authenticated attackers to reset and regenerate the API key of more... High Unreviewed
CVE-2018-15711 was published May 13, 2022
Nagios XI 5.5.6 allows remote authenticated attackers to execute arbitrary commands via a crafted... High Unreviewed
CVE-2018-15709 was published May 13, 2022
A command injection vulnerability in maintenance.cgi in Mutiny "Monitoring Appliance" before 6.1... High Unreviewed
CVE-2018-15529 was published May 13, 2022
Improper input sanitization within the restricted administration shell on UCOPIA Wireless... High Unreviewed
CVE-2018-15481 was published May 13, 2022
upgrade_handle.php on NUUO NVRmini devices allows Remote Command Execution via shell... Critical Unreviewed
CVE-2018-14933 was published May 13, 2022
The Leagoo P1 Android device with a build fingerprint of sp7731c_1h10_32v4_bird:6.0/MRA58K... High Unreviewed
CVE-2018-14998 was published May 13, 2022
System command injection in the /DroboPix/api/drobopix/demo endpoint on Drobo 5N2 NAS version 4.0... Critical Unreviewed
CVE-2018-14706 was published May 13, 2022
System command injection in the /DroboAccess/enable_user endpoint in Drobo 5N2 NAS version 4.0.5... Critical Unreviewed
CVE-2018-14699 was published May 13, 2022
An issue was discovered on Tenda AC7 devices with firmware through V15.03.06.44_CN(AC7), AC9... Critical Unreviewed
CVE-2018-14558 was published May 13, 2022
System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to... High Unreviewed
CVE-2018-13353 was published May 13, 2022
System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to... High Unreviewed
CVE-2018-13358 was published May 13, 2022
System command injection in logtable.php in TerraMaster TOS version 3.1.03 allows attackers to... Critical Unreviewed
CVE-2018-13354 was published May 13, 2022
System command injection in ajaxdata.php in TerraMaster TOS 3.1.03 allows attackers to execute... High Unreviewed
CVE-2018-13418 was published May 13, 2022
System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to... Critical Unreviewed
CVE-2018-13338 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database