Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

4,100 advisories

Loading
Command injection vulnerability in Trend Micro Smart Protection Server (Standalone) 3.1 and 3.2... High Unreviewed
CVE-2017-11395 was published May 13, 2022
A command injection vulnerability exists in Trend Micro Deep Discovery Director 1.1 that allows... Critical Unreviewed
CVE-2017-11381 was published May 13, 2022
Codiad Vulnerable to Shell Command Injection Critical
CVE-2017-11366 was published for codiad/codiad (Composer) May 13, 2022
The chroothole_client executable in UCOPIA Wireless Appliance before 5.1.8 allows remote... High Unreviewed
CVE-2017-11322 was published May 13, 2022
Command injection vulnerability in Document.php in Synology Office 2.2.0-1502 and 2.2.1-1506... High Unreviewed
CVE-2017-11150 was published May 13, 2022
fs-git command injection vulnerability High
CVE-2017-1000451 was published for fs-git (npm) May 13, 2022
PIDUsage Enables OS Command Injection Critical
CVE-2017-1000220 was published for pidusage (npm) May 13, 2022
mattberry3
Credited to mattberry3
ROOT xrootd version 4.6.0 and below is vulnerable to an unauthenticated shell command injection... Critical Unreviewed
CVE-2017-1000215 was published May 13, 2022
ROOT version 6.9.03 and below is vulnerable to an authenticated shell metacharacter injection in... High Unreviewed
CVE-2017-1000203 was published May 13, 2022
Command injection in evince via filename when printing to PDF. This affects versions earlier than... High Unreviewed
CVE-2017-1000159 was published May 13, 2022
Mercurial is vulnerable to shell injection attack Critical
CVE-2017-1000116 was published for mercurial (pip) May 13, 2022
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations... High Unreviewed
CVE-2017-10953 was published May 13, 2022
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations... High Unreviewed
CVE-2017-10951 was published May 13, 2022
** DISPUTED ** This vulnerability allows remote attackers to execute arbitrary code on vulnerable... High Unreviewed
CVE-2017-10955 was published May 13, 2022
A vulnerability in the Cisco Unified Computing System (UCS) Manager, Cisco Firepower 4100 Series... High Unreviewed
CVE-2017-12243 was published May 13, 2022
A vulnerability in the debug interface of Cisco IP Phone 8800 series could allow an authenticated... High Unreviewed
CVE-2017-12305 was published May 13, 2022
An Improper Neutralization of Special Elements used in an OS Command issue was discovered in... High Unreviewed
CVE-2017-14001 was published May 13, 2022
OS Command Injection vulnerability in McAfee ePolicy Orchestrator (ePO) 5.9.0, 5.3.2, 5.3.1, 5.1... Critical Unreviewed
CVE-2017-3936 was published May 13, 2022
In version 3.5 and prior of Cambium Networks ePMP firmware, a lack of input sanitation for... High Unreviewed
CVE-2017-5255 was published May 13, 2022
A vulnerability in the AutoIT service of Cisco Ultra Services Framework Staging Server could... Critical Unreviewed
CVE-2017-6714 was published May 13, 2022
A vulnerability in the USB-modem code of Cisco IOS XE Software running on Cisco ASR 920 Series... High Unreviewed
CVE-2017-6796 was published May 13, 2022
A shell command injection in the obs-service-source_validator before 0.7 could be used to execute... High Unreviewed
CVE-2017-9274 was published May 13, 2022
A vulnerability in the web management GUI of the Cisco D9800 Network Transport Receiver could... High Unreviewed
CVE-2018-0099 was published May 13, 2022
A vulnerability in the CLI of the Cisco StarOS operating system for Cisco ASR 5000 Series routers... High Unreviewed
CVE-2018-0115 was published May 13, 2022
Multiple vulnerabilities in the CLI parser of Cisco IOS XE Software could allow an authenticated,... High Unreviewed
CVE-2018-0176 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database