Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,071 advisories

Loading
Tenda AX3 V16.03.12.11 was discovered to contain a command injection vulnerability via the lanip... Critical Unreviewed
CVE-2023-27240 was published Mar 15, 2023
stoqey/gnuplot is vulnerable to command injection Critical
CVE-2021-33360 was published for @stoqey/gnuplot (npm) Mar 10, 2023
json-logic-js Command Injection vulnerability Critical
CVE-2021-4329 was published for json-logic-js (npm) Mar 5, 2023
Baicells EG7035-M11 devices with firmware through BCE-ODU-1.0.8 are vulnerable to improper code... Critical Unreviewed
CVE-2023-1097 was published Mar 1, 2023
There are multiple command injection vulnerabilities that could lead to unauthenticated remote... Critical Unreviewed
CVE-2023-22748 was published Mar 1, 2023
There are multiple command injection vulnerabilities that could lead to unauthenticated remote... Critical Unreviewed
CVE-2023-22750 was published Mar 1, 2023
There are multiple command injection vulnerabilities that could lead to unauthenticated remote... Critical Unreviewed
CVE-2023-22749 was published Mar 1, 2023
There are multiple command injection vulnerabilities that could lead to unauthenticated remote... Critical Unreviewed
CVE-2023-22747 was published Mar 1, 2023
There is a system command injection vulnerability in BiSheng-WNM FW 3.0.0.325. Successful... Critical Unreviewed
CVE-2022-48259 was published Feb 27, 2023
There is a system command injection vulnerability in BiSheng-WNM FW 3.0.0.325. A Huawei printer... Critical Unreviewed
CVE-2022-48255 was published Feb 27, 2023
Certain Tenda products are vulnerable to command injection. This affects Tenda CP7 Tenda CP7<=V11... Critical Unreviewed
CVE-2023-23080 was published Feb 27, 2023
ASUS ASMB8 iKVM firmware through 1.14.51 allows remote attackers to execute arbitrary code by... Critical Unreviewed
CVE-2023-26602 was published Feb 26, 2023
Versionn Command Injection Vulnerability Critical
CVE-2023-25805 was published for versionn (npm) Feb 22, 2023
TOTOLink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection vulnerability. Critical Unreviewed
CVE-2023-24184 was published Feb 21, 2023
GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name... Critical Unreviewed
CVE-2022-48337 was published Feb 21, 2023
An issue was discovered in GNU Emacs through 28.2. In ruby-mode.el, the ruby-find-library-file... Critical Unreviewed
CVE-2022-48338 was published Feb 21, 2023
An issue was discovered in GNU Emacs through 28.2. htmlfontify.el has a command injection... Critical Unreviewed
CVE-2022-48339 was published Feb 21, 2023
QVidium Technologies Amino A140 (prior to firmware version 1.0.0-283) was discovered to contain a... Critical Unreviewed
CVE-2022-40021 was published Feb 18, 2023
TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection... Critical Unreviewed
CVE-2023-24238 was published Feb 16, 2023
TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection... Critical Unreviewed
CVE-2023-24236 was published Feb 16, 2023
A vulnerability has been found in Netgear WNDR3700v2 1.0.1.14 and classified as critical. This... Critical Unreviewed
CVE-2023-0849 was published Feb 16, 2023
TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2023-24160 was published Feb 14, 2023
TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2023-24161 was published Feb 14, 2023
TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2023-24159 was published Feb 14, 2023
Microchip Technology (Microsemi) SyncServer S650 was discovered to contain a command injection... Critical Unreviewed
CVE-2022-40022 was published Feb 13, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database