GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories: All reviewed 5,000+; Composer 5,000+; Erlang 39; GitHub Actions 38; Go 2,638; Maven 5,000+; npm 4,264; NuGet 760; pip 4,060; Pub 12; RubyGems 956; Rust 1,056; Swift 45
Unreviewed advisories: All unreviewed 5,000+
4,102 advisories
Arbitrary command execution is possible in Git before 2.20.2, 2.21.x before 2.21.1, 2.22.x before...
High | Unreviewed | CVE-2019-19604 was published May 24, 2022
Crestron DMC-STRO 1.0 devices allow remote command execution as root via shell metacharacters to...
High | Unreviewed | CVE-2019-18184 was published May 24, 2022
An exploitable command injection vulnerability exists in the /goform/WanParameterSetting...
High | Unreviewed | CVE-2019-5071 was published May 24, 2022
The VPN software within HP ThinPro does not safely handle user supplied input, which may be...
High | Unreviewed | CVE-2019-18909 was published May 24, 2022
An exploitable command injection vulnerability exists in the Config editor of the Exhibitor Web...
High | Unreviewed | CVE-2019-5029 was published May 24, 2022
Unbound 1.6.4 through 1.9.4 contain a vulnerability in the ipsec module that can cause shell code...
High | Unreviewed | CVE-2019-18934 was published May 24, 2022
A shell injection flaw was found in pglogical in versions before 2.3.4 and before 3.6.26. An...
High | Unreviewed | CVE-2021-3515 was published May 24, 2022
An exploitable command injection vulnerability exists in the /goform/WanParameterSetting...
Moderate | Unreviewed | CVE-2019-5072 was published May 24, 2022
In radare2 before 3.9.0, a command injection vulnerability exists in bin_symbols() in libr/core...
Moderate | Unreviewed | CVE-2019-16718 was published May 24, 2022
System command execution vulnerability in Selection tasks Jenkins Plugin
High | CVE-2020-2276 was published for org.jvnet.hudson.plugins:selection-tasks-plugin (Maven) May 24, 2022
Dell Edge Gateway 5200 (EGW) versions before 1.03.10 contain an operating system command...
High | Unreviewed | CVE-2022-34383 was published Sep 1, 2022
An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is...
Moderate | Unreviewed | CVE-2019-14337 was published May 24, 2022
pfSense pfBlockerNG through 2.1.4_27 allows remote attackers to execute arbitrary OS commands as...
Critical | Unreviewed | CVE-2022-40624 was published Dec 20, 2022
NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can inject...
High | Unreviewed | CVE-2022-42289 was published Jan 13, 2023
Dataprobe iBoot-PDU FW versions prior to 1.42.06162022 contain a vulnerability where a specific...
Critical | Unreviewed | CVE-2022-3183 was published Dec 22, 2022
An issue was discovered on D-Link DIR-818LW devices with firmware 2.06betab01. There is a command...
High | Unreviewed | CVE-2019-13482 was published May 24, 2022
OS command execution vulnerability in Perfecto Plugin
High | CVE-2020-2261 was published for io.jenkins.plugins:perfecto (Maven) May 24, 2022
app/operator_panel/exec.php in the Operator Panel module in FreePBX 4.4.3 suffers from a command...
High | Unreviewed | CVE-2019-11409 was published May 24, 2022
A vulnerability in the London Trust Media Private Internet Access (PIA) VPN Client v82 for Linux...
High | Unreviewed | CVE-2019-12579 was published May 24, 2022
An issue was discovered on D-Link DIR-818LW devices with firmware 2.06betab01. There is a command...
High | Unreviewed | CVE-2019-13481 was published May 24, 2022
Command Injection vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and...
High | Unreviewed | CVE-2019-3631 was published May 24, 2022
Command Injection vulnerability in McAfee Enterprise Security Manager (ESM) prior to 11.2.0 and...
High | Unreviewed | CVE-2019-3630 was published May 24, 2022
On BIG-IP 14.1.0-14.1.0.5, 14.0.0-14.0.0.5, 13.0.0-13.1.1.4, 12.1.0-12.1.4.1, 11.6.1-11.6.3.4,...
High | Unreviewed | CVE-2019-6621 was published May 24, 2022
Western Digital WD My Book Live (all versions) has a root Remote Command Execution bug via shell...
Critical | Unreviewed | CVE-2018-18472 was published May 24, 2022
Linear eMerge 50P/5000P devices allow Authenticated Command Injection with root Code Execution.
Critical | Unreviewed | CVE-2019-7269 was published May 24, 2022