Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,071 advisories

Loading
TOTOLINK CA300-PoE V6.2c.884 was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2023-24138 was published Feb 3, 2023
A vulnerability was found in TRENDnet TEW-652BRP 3.04b01. It has been classified as critical.... Critical Unreviewed
CVE-2023-0640 was published Feb 2, 2023
A vulnerability has been found in TRENDnet TEW-811DRU 1.0.10.0 and classified as critical. This... Critical Unreviewed
CVE-2023-0638 was published Feb 2, 2023
nemo-appium vulnerable to OS Command Injection Critical
CVE-2022-21129 was published for nemo-appium (npm) Jan 31, 2023
Rukovoditel v3.2.1 was discovered to contain a remote code execution (RCE) vulnerability in the... Critical Unreviewed
CVE-2022-48175 was published Jan 31, 2023
The PdfBook extension through 2.0.5 before b07b6a64 for MediaWiki allows command injection via an... Critical Unreviewed
CVE-2023-24612 was published Jan 30, 2023
D-Link DIR_878_FW1.30B08 was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-48108 was published Jan 27, 2023
D-Link DIR_878_FW1.30B08 was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-48107 was published Jan 27, 2023
flash_tool Gem for Ruby File Download Handling Arbitrary Command Execution Critical
CVE-2013-2513 was published for flash_tool (RubyGems) Jan 26, 2023
Command Injection in create-choo-electron Critical
CVE-2022-25908 was published for create-choo-electron (npm) Jan 26, 2023
Command injection in vagrant.js Critical
CVE-2022-25962 was published for vagrant.js (npm) Jan 26, 2023
Command Injection in Apache Airflow and Apache Airflow MySQL Provider Critical
CVE-2023-22884 was published for apache-airflow (pip) Jan 21, 2023
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection... Critical Unreviewed
CVE-2022-48124 was published Jan 20, 2023
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection... Critical Unreviewed
CVE-2022-48121 was published Jan 20, 2023
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection... Critical Unreviewed
CVE-2022-48122 was published Jan 20, 2023
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection... Critical Unreviewed
CVE-2022-48123 was published Jan 20, 2023
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection... Critical Unreviewed
CVE-2022-48125 was published Jan 20, 2023
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection... Critical Unreviewed
CVE-2022-48126 was published Jan 20, 2023
D-Link DIR-859 A1 1.05 was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-46476 was published Jan 20, 2023
TOTOlink A7100RU V7.4cu.2313_B20191024 is vulnerable to Command Injection Vulnerability in the... Critical Unreviewed
CVE-2022-47853 was published Jan 17, 2023
global-modules-path Command Injection vulnerability Critical
CVE-2022-21191 was published for global-modules-path (npm) Jan 13, 2023
The webserver in Delta DX-3021 versions prior to 1.24 is vulnerable to command injection through... Critical Unreviewed
CVE-2022-4616 was published Jan 13, 2023
wifey vulnerable to Command Injection due to improper input sanitization Critical
CVE-2022-25890 was published for wifey (npm) Jan 9, 2023
There is a command injection vulnerability in ZTE MF286R, Due to insufficient validation of the... Critical Unreviewed
CVE-2022-39073 was published Jan 6, 2023
A vulnerability was found in trampgeek jobe up to 1.6.x and classified as critical. This issue... Critical Unreviewed
CVE-2020-36642 was published Jan 6, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database