Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,264
NuGet
760
pip
4,060
Pub
12
RubyGems
956
Rust
1,056
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,267 advisories

Loading
Nadesiko3 OS Command Injection vulnerability Critical
CVE-2022-41642 was published for nadesiko3 (npm) Dec 5, 2022
nadesiko3 vulnerable to OS Command Injection Critical
CVE-2022-42496 was published for nadesiko3 (npm) Dec 5, 2022
D-Link DVG-G5402SP GE_1.03 was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-44928 was published Dec 2, 2022
D-Link DHP-W310AV 3.10EU was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-44930 was published Dec 2, 2022
An unauthenticated command injection vulnerability in the product license validation function of... Critical Unreviewed
CVE-2022-43325 was published Dec 2, 2022
A vulnerability was found in C-DATA Web Management System. It has been rated as critical. This... Critical Unreviewed
CVE-2022-4257 was published Dec 1, 2022
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... Critical Unreviewed
CVE-2022-4221 was published Dec 1, 2022
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection... Critical Unreviewed
CVE-2022-44844 was published Nov 25, 2022
TOTOLINK NR1800X V9.1.0u.6279_B20210910 contains a command injection via the FileName parameter... Critical Unreviewed
CVE-2022-44249 was published Nov 23, 2022
TOTOLINK NR1800X V9.1.0u.6279_B20210910 contains a command injection via the ussd parameter in... Critical Unreviewed
CVE-2022-44251 was published Nov 23, 2022
TOTOLINK NR1800X V9.1.0u.6279_B20210910 contains a command injection via the hostName parameter... Critical Unreviewed
CVE-2022-44250 was published Nov 23, 2022
TOTOLINK NR1800X V9.1.0u.6279_B20210910 contains a command injection via the FileName parameter... Critical Unreviewed
CVE-2022-44252 was published Nov 23, 2022
A command injection vulnerability has been found on D-Link DIR-823G devices with firmware version... Critical Unreviewed
CVE-2022-44808 was published Nov 22, 2022
D-Link DIR823G 1.02B05 is vulnerable to Commad Injection. Critical Unreviewed
CVE-2022-44201 was published Nov 22, 2022
OS Command Injection in Apache Airflow Critical
CVE-2022-38649 was published for apache-airflow (pip) Nov 22, 2022
sunSUNQ
Credited to sunSUNQ
OS Command Injection in Apache Airflow Critical
CVE-2022-40189 was published for apache-airflow (pip) Nov 22, 2022
A vulnerability in the web-based management interface of Aruba EdgeConnect Enterprise... Critical Unreviewed
CVE-2022-37915 was published Oct 28, 2022
Four OS command injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode... Critical Unreviewed
CVE-2022-33195 was published Oct 25, 2022
Four OS command injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode... Critical Unreviewed
CVE-2022-33194 was published Oct 25, 2022
Four OS command injection vulnerabilities exists in the web interface /action/wirelessConnect... Critical Unreviewed
CVE-2022-33204 was published Oct 25, 2022
Four OS command injection vulnerabilities exists in the web interface /action/wirelessConnect... Critical Unreviewed
CVE-2022-33207 was published Oct 25, 2022
Four OS command injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode... Critical Unreviewed
CVE-2022-33192 was published Oct 25, 2022
Four OS command injection vulnerabilities exists in the web interface /action/wirelessConnect... Critical Unreviewed
CVE-2022-33206 was published Oct 25, 2022
Four OS command injection vulnerabilities exist in the XCMD testWifiAP functionality of Abode... Critical Unreviewed
CVE-2022-33193 was published Oct 25, 2022
An OS command injection vulnerability exists in the XCMD setAlexa functionality of Abode Systems,... Critical Unreviewed
CVE-2022-33189 was published Oct 25, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database