Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,640
Maven
5,000+
npm
4,265
NuGet
760
pip
4,061
Pub
12
RubyGems
956
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

4,103 advisories

Loading
Movable Type XMLRPC API provided by Six Apart Ltd. contains a command injection vulnerability.... Critical Unreviewed
CVE-2022-38078 was published Aug 25, 2022
Incorrect input sanitation in text-oriented user interfaces (telnet, ssh) in Swisscom Centro... High Unreviewed
CVE-2019-19940 was published May 24, 2022
An exploitable command injection vulnerability exists in encrypted diagnostic script... High Unreviewed
CVE-2019-5138 was published May 24, 2022
Kaseya Traverse before 9.5.20 allows OS command injection attacks against user accounts,... High Unreviewed
CVE-2020-8427 was published May 24, 2022
Improper neutralization of special elements used in an OS command in Druva inSync Windows Client... High Unreviewed
CVE-2019-3999 was published May 24, 2022
On TP-Link TL-WR849N 0.9.1 4.16 devices, a remote command execution vulnerability in the... High Unreviewed
CVE-2020-9374 was published May 24, 2022
An exploitable command injection vulnerability exists in the hostname functionality of the Moxa... High Unreviewed
CVE-2019-5142 was published May 24, 2022
An exploitable command injection vulnerability exists in the iw_webs functionality of the Moxa... Moderate Unreviewed
CVE-2019-5141 was published May 24, 2022
IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary... High Unreviewed
CVE-2020-4211 was published May 24, 2022
An issue was discovered in GitLab Community and Enterprise Edition 11.11. A specially crafted... Moderate Unreviewed
CVE-2019-12430 was published May 24, 2022
pacman before 5.2 is vulnerable to arbitrary command injection in lib/libalpm/sync.c in the... Moderate Unreviewed
CVE-2019-18183 was published May 24, 2022
pacman before 5.2 is vulnerable to arbitrary command injection in conf.c in the... Moderate Unreviewed
CVE-2019-18182 was published May 24, 2022
An exploitable command injection vulnerability exists in the iwwebs functionality of the Moxa AWK... Moderate Unreviewed
CVE-2019-5140 was published May 24, 2022
IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary... High Unreviewed
CVE-2020-4222 was published May 24, 2022
IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary... High Unreviewed
CVE-2020-4213 was published May 24, 2022
A vulnerability was found in Brave UX for-the-badge and classified as critical. Affected by this... Critical Unreviewed
CVE-2021-4281 was published Dec 26, 2022
IBM Spectrum Protect Plus 10.1.0 and 10.1.5 could allow a remote attacker to execute arbitrary... High Unreviewed
CVE-2020-4210 was published May 24, 2022
An issue was discovered in EyesOfNetwork 5.3. An authenticated web user with sufficient... High Unreviewed
CVE-2020-8654 was published May 24, 2022
OS command injection in CryptoMove Plugin High
CVE-2020-2159 was published for io.jenkins.plugins:cryptomove (Maven) May 24, 2022
NotMyFault
Credited to NotMyFault
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to... High Unreviewed
CVE-2021-33554 was published May 24, 2022
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to... High Unreviewed
CVE-2021-33553 was published May 24, 2022
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to... High Unreviewed
CVE-2021-33544 was published May 24, 2022
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to... High Unreviewed
CVE-2021-33552 was published May 24, 2022
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to... High Unreviewed
CVE-2021-33548 was published May 24, 2022
Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to... High Unreviewed
CVE-2021-33550 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database