Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,645
Maven
5,000+
npm
4,271
NuGet
760
pip
4,065
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,267 advisories

Loading
Liferay Portal 6.2.5 allows Command=FileUpload&Type=File&CurrentFolder=/ requests when frmfolders... Critical Unreviewed
CVE-2021-33990 was published Apr 16, 2023
WFS-SR03 v1.0.3 was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2023-29805 was published Apr 14, 2023
Command injection vulnerability found in Tenda G103 v.1.0.0.5 allows attacker to execute... Critical Unreviewed
CVE-2023-27076 was published Apr 10, 2023
OS Command Injection vulnerability in quectel AG550QCN allows attackers to execute arbitrary... Critical Unreviewed
CVE-2023-26921 was published Apr 4, 2023
Osprey Pump Controller version 1.01 is vulnerable an unauthenticated OS command injection... Critical Unreviewed
CVE-2023-27394 was published Mar 28, 2023
Osprey Pump Controller version 1.01 is vulnerable to an unauthenticated OS command injection... Critical Unreviewed
CVE-2023-27886 was published Mar 28, 2023
TOTOLink outdoor CPE CP900 V6.3c.566_B20171026 is discovered to contain a command injection... Critical Unreviewed
CVE-2022-28495 was published Mar 24, 2023
org-babel-execute:latex in ob-latex.el in Org Mode through 9.6.1 for GNU Emacs allows attackers... Critical Unreviewed
CVE-2023-28617 was published Mar 19, 2023
OS Command injection vulnerability in D-Link DIR820LA1_FW105B03 allows attackers to escalate... Critical Unreviewed
CVE-2023-25280 was published Mar 16, 2023
OS command injection affects Altenergy Power Control Software C1.2.5 via shell metacharacters in... Critical Unreviewed
CVE-2023-28343 was published Mar 14, 2023
OS Command injection vulnerability in D-Link DIR820LA1_FW105B03 allows attackers to escalate... Critical Unreviewed
CVE-2023-25279 was published Mar 13, 2023
OS Command injection vulnerability in D-Link DIR-867 DIR_867_FW1.30B07 allows attackers to... Critical Unreviewed
CVE-2023-24762 was published Mar 13, 2023
A vulnerability was found in liferea. It has been rated as critical. Affected by this issue is... Critical Unreviewed
CVE-2023-1350 was published Mar 11, 2023
emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections... Critical Unreviewed
CVE-2023-27985 was published Mar 9, 2023
TOTOlink A7100RU V7.4cu.2313_B20191024 router has a command injection vulnerability. Critical Unreviewed
CVE-2023-25395 was published Mar 8, 2023
Gogs OS Command Injection vulnerability Critical
CVE-2022-2024 was published for gogs.io/gogs (Go) Feb 28, 2023
cokeBeer
Credited to cokeBeer
Code injection in pdf_info Critical
CVE-2022-36231 was published for pdf_info (RubyGems) Feb 24, 2023
A vulnerability was found in DolphinPHP up to 1.5.1. It has been declared as critical. Affected... Critical Unreviewed
CVE-2023-0935 was published Feb 21, 2023
GNU Emacs through 28.2 allows attackers to execute commands via shell metacharacters in the name... Critical Unreviewed
CVE-2022-48337 was published Feb 21, 2023
Command injection in the administration interface in APSystems ECU-R version 5203 allows a remote... Critical Unreviewed
CVE-2022-45699 was published Feb 10, 2023
A command injection vulnerability exists in Jitsi before commit... Critical Unreviewed
CVE-2022-43550 was published Feb 9, 2023
OS Command injection vulnerability in Support Center Plus 11 via Executor in Action when creating... Critical Unreviewed
CVE-2023-23076 was published Feb 1, 2023
nemo-appium vulnerable to OS Command Injection Critical
CVE-2022-21129 was published for nemo-appium (npm) Jan 31, 2023
An OS command injection vulnerability exists in the httpd logs/view.cgi functionality of... Critical Unreviewed
CVE-2022-42484 was published Jan 30, 2023
D-Link DIR_878_FW1.30B08 was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-48108 was published Jan 27, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database