Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,992 advisories

Loading
On certain Ubiquiti devices, Command Injection exists via a GET request to stainfo.cgi (aka Show... Critical Unreviewed
CVE-2010-5330 was published Apr 21, 2022
Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 allows an unauthenticated attacker to inject... High Unreviewed
CVE-2022-27924 was published Apr 22, 2022
Command injection in czproject/git-php High
CVE-2022-25866 was published for czproject/git-php (Composer) Apr 26, 2022
The BeanShell components of IRISNext through 9.8.28 allow execution of arbitrary commands on the... High Unreviewed
CVE-2022-26111 was published Apr 26, 2022
In Bender/ebee Charge Controllers in multiple versions are prone to Command injection via Web... High Unreviewed
CVE-2021-34592 was published Apr 28, 2022
Sed Injection Vulnerability in GitHub repository hestiacp/hestiacp prior to 1.5.12. An... High Unreviewed
CVE-2022-1509 was published Apr 29, 2022
HP OpenView Network Node Manager 6.2 through 7.50 allows remote attackers to execute arbitrary... High Unreviewed
CVE-2005-2773 was published May 1, 2022
PHP remote file inclusion vulnerability in welcome.php in phpLDAPadmin 0.9.6 and 0.9.7 allows... High Unreviewed
CVE-2005-2793 was published May 1, 2022
masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterprise Communication Server R7.1... High Unreviewed
CVE-2007-3010 was published May 1, 2022
OpenOffice.org (OOo) 2.0.4, 2.4.1, and 3.1.1 does not properly enforce Visual Basic for... High Unreviewed
CVE-2010-0136 was published May 2, 2022
D-Link DIR-823-Pro v1.0.2 was discovered to contain a command injection vulnerability in the... Critical Unreviewed
CVE-2022-28573 was published May 3, 2022
Tenda AX1806 v1.0.0.1 was discovered to contain a command injection vulnerability in ... High Unreviewed
CVE-2022-28572 was published May 3, 2022
D-link 882 DIR882A1_FW130B06 was discovered to contain a command injection vulnerability in`/usr... Critical Unreviewed
CVE-2022-28571 was published May 3, 2022
OS Command Injection in git-pull-or-clone Critical
CVE-2022-24437 was published for git-pull-or-clone (npm) May 3, 2022
lirantal
Credited to lirantal
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV340 and... High Unreviewed
CVE-2022-20799 was published May 5, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV340 and... High Unreviewed
CVE-2022-20801 was published May 5, 2022
There is a command injection vulnerability at the /goform/setsambacfg interface of Tenda AC15... Critical Unreviewed
CVE-2022-28557 was published May 5, 2022
Fusionpbx v4.4 and below contains a command injection vulnerability via the download email logs... Critical Unreviewed
CVE-2022-28055 was published May 5, 2022
A Remote Code Execution (RCE) vulnerability exists in Ruijie Networks Ruijie RG-EW Series Routers... High Unreviewed
CVE-2021-43160 was published May 5, 2022
A Remote Code Execution (RCE) vulnerability exists in Ruijie Networks Ruijie RG-EW Series Routers... High Unreviewed
CVE-2021-43162 was published May 5, 2022
A Remote Code Execution (RCE) vulnerability exists in Ruijie Networks Ruijie RG-EW Series Routers... Critical Unreviewed
CVE-2021-43163 was published May 5, 2022
A Remote Code Execution (RCE) vulnerability exists in Ruijie Networks Ruijie RG-EW Series Routers... High Unreviewed
CVE-2021-43161 was published May 5, 2022
A Remote Code Execution (RCE) vulnerability exists in Ruijie Networks Ruijie RG-EW Series Routers... High Unreviewed
CVE-2021-43164 was published May 5, 2022
A Remote Code Execution (RCE) vulnerability exists in Ruijie Networks Ruijie RG-EW Series Routers... High Unreviewed
CVE-2021-43159 was published May 5, 2022
An issue was discovered in soap.cgi?service=WANIPConn1 on D-Link DIR-845 before v1.02b03, DIR-600... Critical Unreviewed
CVE-2013-7471 was published May 5, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database