Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

4,100 advisories

Loading
System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to... Critical Unreviewed
CVE-2018-13336 was published May 13, 2022
System command injection in User.create method in Buffalo TS5600D1206 version 3.61-0.10 allows... High Unreviewed
CVE-2018-13318 was published May 13, 2022
System command injection in ajaxdata.php in TerraMaster TOS version 3.1.03 allows attackers to... High Unreviewed
CVE-2018-13330 was published May 13, 2022
System command injection in formAliasIp in TOTOLINK A3002RU version 1.0.8 allows attackers to... Critical Unreviewed
CVE-2018-13314 was published May 13, 2022
System command injection in fromNtp in TOTOLINK A3002RU version 1.0.8 allows attackers to execute... Critical Unreviewed
CVE-2018-13307 was published May 13, 2022
System command injection in formAliasIp in TOTOLINK A3002RU version 1.0.8 allows attackers to... Critical Unreviewed
CVE-2018-13316 was published May 13, 2022
System command injection in formDlna in TOTOLINK A3002RU version 1.0.8 allows attackers to... Critical Unreviewed
CVE-2018-13311 was published May 13, 2022
System command injection in formDlna in TOTOLINK A3002RU version 1.0.8 allows attackers to... Critical Unreviewed
CVE-2018-13306 was published May 13, 2022
System command injection vulnerability in wifi_access in Xiaomi Mi Router 3 version 2.22.15... High Unreviewed
CVE-2018-13023 was published May 13, 2022
OpenTSDB vulnerable to OS Command Injection Critical
CVE-2018-12972 was published for net.opentsdb:opentsdb (Maven) May 13, 2022
TP-Link TL-WA850RE Wi-Fi Range Extender with hardware version 5 allows remote authenticated users... High Unreviewed
CVE-2018-12692 was published May 13, 2022
Dell EMC RecoverPoint versions prior to 5.1.2 and RecoverPoint for VMs versions prior to 5.1.1.3,... Critical Unreviewed
CVE-2018-1235 was published May 13, 2022
acccheck.pl in acccheck 0.2.1 allows Command Injection via shell metacharacters in a username or... Critical Unreviewed
CVE-2018-12268 was published May 13, 2022
OS command injection in snmp.cgi in ASUSTOR ADM version 3.1.1 allows attackers to execute system... Critical Unreviewed
CVE-2018-12313 was published May 13, 2022
The ASUSTOR ADM 3.1.0.RFQ3 NAS portal suffers from an unauthenticated remote code execution... Critical Unreviewed
CVE-2018-11510 was published May 13, 2022
A remote unauthenticated user can execute commands as root in the Belkin N750 using firmware... Critical Unreviewed
CVE-2018-1144 was published May 13, 2022
A remote unauthenticated user can execute commands as root in the Belkin N750 using firmware... Critical Unreviewed
CVE-2018-1143 was published May 13, 2022
Quest DR Series Disk Backup software version before 4.0.3.1 allows privilege escalation (issue 1... High Unreviewed
CVE-2018-11189 was published May 13, 2022
Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 46 of... High Unreviewed
CVE-2018-11188 was published May 13, 2022
Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 45 of... High Unreviewed
CVE-2018-11187 was published May 13, 2022
Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 44 of... High Unreviewed
CVE-2018-11186 was published May 13, 2022
Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 35 of... High Unreviewed
CVE-2018-11177 was published May 13, 2022
Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 30 of... High Unreviewed
CVE-2018-11172 was published May 13, 2022
Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 37 of... High Unreviewed
CVE-2018-11179 was published May 13, 2022
Quest DR Series Disk Backup software version before 4.0.3.1 allows command injection (issue 43 of... High Unreviewed
CVE-2018-11185 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database