Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,645
Maven
5,000+
npm
4,271
NuGet
760
pip
4,065
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,267 advisories

Loading
An OS command injection vulnerability exists in the m2m DELETE_FILE cmd functionality of Siretta... Critical Unreviewed
CVE-2022-40222 was published Jan 27, 2023
Several OS command injection vulnerabilities exist in the m2m binary of Siretta QUARTZ-GOLD G5.0... Critical Unreviewed
CVE-2022-42493 was published Jan 27, 2023
Several OS command injection vulnerabilities exist in the m2m binary of Siretta QUARTZ-GOLD G5.0... Critical Unreviewed
CVE-2022-42490 was published Jan 27, 2023
Several OS command injection vulnerabilities exist in the m2m binary of Siretta QUARTZ-GOLD G5.0... Critical Unreviewed
CVE-2022-42491 was published Jan 27, 2023
Several OS command injection vulnerabilities exist in the m2m binary of Siretta QUARTZ-GOLD G5.0... Critical Unreviewed
CVE-2022-42492 was published Jan 27, 2023
Remote code execution in simple-git Critical
CVE-2022-25860 was published for simple-git (npm) Jan 26, 2023
Command Injection in create-choo-electron Critical
CVE-2022-25908 was published for create-choo-electron (npm) Jan 26, 2023
Command injection in vagrant.js Critical
CVE-2022-25962 was published for vagrant.js (npm) Jan 26, 2023
A command injection vulnerability in the DDNS service configuration of Western Digital My Cloud... Critical Unreviewed
CVE-2022-29843 was published Jan 26, 2023
OS Command injection vulnerability in sleuthkit fls tool 4.11.1 allows attackers to execute... Critical Unreviewed
CVE-2022-45639 was published Jan 24, 2023
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection... Critical Unreviewed
CVE-2022-48124 was published Jan 20, 2023
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection... Critical Unreviewed
CVE-2022-48121 was published Jan 20, 2023
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection... Critical Unreviewed
CVE-2022-48122 was published Jan 20, 2023
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection... Critical Unreviewed
CVE-2022-48123 was published Jan 20, 2023
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection... Critical Unreviewed
CVE-2022-48125 was published Jan 20, 2023
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection... Critical Unreviewed
CVE-2022-48126 was published Jan 20, 2023
D-Link DIR-859 A1 1.05 was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-46476 was published Jan 20, 2023
TOTOlink A7100RU V7.4cu.2313_B20191024 is vulnerable to Command Injection Vulnerability in the... Critical Unreviewed
CVE-2022-47853 was published Jan 17, 2023
MAHO-PBX NetDevancer Lite/Uni/Pro/Cloud prior to Ver.1.11.00, MAHO-PBX NetDevancer VSG Lite/Uni... Critical Unreviewed
CVE-2023-22279 was published Jan 17, 2023
global-modules-path Command Injection vulnerability Critical
CVE-2022-21191 was published for global-modules-path (npm) Jan 13, 2023
The jokob-sk/Pi.Alert fork (before 22.12.20) of Pi.Alert allows Remote Code Execution via... Critical Unreviewed
CVE-2022-48252 was published Jan 11, 2023
wifey vulnerable to Command Injection due to improper input sanitization Critical
CVE-2022-25890 was published for wifey (npm) Jan 9, 2023
exec-local-bin vulnerable to Command Injection Critical
CVE-2022-25923 was published for exec-local-bin (npm) Jan 6, 2023
RESERVED An issue in the /login/index.php component of Centos Web Panel 7 before v0.9.8.1147... Critical Unreviewed
CVE-2022-44877 was published Jan 6, 2023
TRENDnet TEW755AP 1.13B01 was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-46597 was published Dec 30, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database