GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,992 advisories
TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability...
Critical
Unreviewed
CVE-2022-28912 was published May 11, 2022
A command injection vulnerability in the component /setnetworksettings/IPAddress of D-Link DIR882...
Critical
Unreviewed
CVE-2022-28895 was published May 11, 2022
A command injection vulnerability in the component /setnetworksettings/SubnetMask of D-Link...
Critical
Unreviewed
CVE-2022-28896 was published May 11, 2022
TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability...
Critical
Unreviewed
CVE-2022-28907 was published May 11, 2022
TOTOLink N600R V5.3c.7159_B20190425 was discovered to contain a command injection vulnerability...
Critical
Unreviewed
CVE-2022-28906 was published May 11, 2022
SolarView Compact ver.6.00 was discovered to contain a command injection vulnerability via...
Critical
Unreviewed
CVE-2022-29303 was published May 13, 2022
An exploitable command execution vulnerability exists in Information Builders WebFOCUS Business...
High
Unreviewed
CVE-2016-9044 was published May 13, 2022
An exploitable command injection vulnerability exists in the web management interface used by the...
High
Unreviewed
CVE-2017-2832 was published May 13, 2022
An exploitable command injection vulnerability exists in the web management interface used by the...
High
Unreviewed
CVE-2017-2833 was published May 13, 2022
An exploitable vulnerability exists in the WiFi Channel parsing of Circle with Disney running...
Moderate
Unreviewed
CVE-2017-12094 was published May 13, 2022
An exploitable command injection vulnerability exists in the DHCP daemon configuration of the...
Critical
Unreviewed
CVE-2018-3963 was published May 13, 2022
Apache OpenOffice before 4.1.1 allows remote attackers to execute arbitrary commands and possibly...
High
Unreviewed
CVE-2014-3524 was published May 13, 2022
A Command Injection vulnerability in Schneider Electric homeLYnk Controller exists in all...
Critical
Unreviewed
CVE-2017-7689 was published May 13, 2022
The STARTTLS implementation in mail/ngx_mail_smtp_handler.c in the SMTP proxy in nginx 1.5.x and...
Moderate
Unreviewed
CVE-2014-3556 was published May 13, 2022
The handle_certificate function in /vmi/manager/engine/management/commands/apns_worker.py in...
High
Unreviewed
CVE-2016-6270 was published May 13, 2022
Apache Directory Studio Command Injection
High
CVE-2015-5349 was published for org.apache.directory.studio:org.apache.directory.studio.ldapbrowser.core (Maven) May 13, 2022
Blkid in util-linux before 2.26rc-1 allows local users to execute arbitrary code.
High
Unreviewed
CVE-2014-9114 was published May 13, 2022
rssh version 2.3.4 contains a CWE-77: Improper Neutralization of Special Elements used in a...
High
Unreviewed
CVE-2019-1000018 was published May 13, 2022
GParted before 0.15.0 allows local users to execute arbitrary commands with root privileges via...
High
Unreviewed
CVE-2014-7208 was published May 13, 2022
Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim...
Moderate
Unreviewed
CVE-2010-4345 was published May 13, 2022
An issue was discovered on the D-Link DWR-932B router. qmiweb allows command injection with `...
Critical
Unreviewed
CVE-2016-10182 was published May 13, 2022
Python Software Foundation Python (CPython) version 2.7 contains a CWE-77: Improper...
Critical
Unreviewed
CVE-2018-1000802 was published May 13, 2022
MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a...
Low
Unreviewed
CVE-2010-2008 was published May 13, 2022
A vulnerability in the local CLI of the Cisco SD-WAN Solution could allow an authenticated, local...
High
Unreviewed
CVE-2019-1646 was published May 13, 2022
sudo before version 1.8.18p1 is vulnerable to a bypass in the sudo noexec restriction if...
High
Unreviewed
CVE-2016-7076 was published May 13, 2022