Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,264
NuGet
760
pip
4,060
Pub
12
RubyGems
956
Rust
1,056
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,267 advisories

Loading
An OS command injection vulnerability exists in the js_package install functionality of Robustel... Critical Unreviewed
CVE-2022-33150 was published Oct 25, 2022
Four OS command injection vulnerabilities exists in the web interface /action/wirelessConnect... Critical Unreviewed
CVE-2022-33205 was published Oct 25, 2022
An OS command injection vulnerability exists in the XCMD doDebug functionality of Abode Systems,... Critical Unreviewed
CVE-2022-32773 was published Oct 25, 2022
An OS command injection vulnerability exists in the sysupgrade command injection functionality of... Critical Unreviewed
CVE-2022-32765 was published Oct 25, 2022
documentconverter in OX App Suite through 7.10.6, in a non-default configuration with ghostscript... Critical Unreviewed
CVE-2022-29851 was published Oct 25, 2022
An os command injection vulnerability exists in the web interface util_set_abode_code... Critical Unreviewed
CVE-2022-27804 was published Oct 25, 2022
An OS command injection vulnerability exists in the console_main_loop :sys functionality of Abode... Critical Unreviewed
CVE-2022-29520 was published Oct 25, 2022
An OS command injection vulnerability exists in the web interface util_set_serial_mac... Critical Unreviewed
CVE-2022-29472 was published Oct 25, 2022
An OS command injection vulnerability exists in the XCMD setUPnP functionality of Abode Systems,... Critical Unreviewed
CVE-2022-30541 was published Oct 25, 2022
D-Link DIR878 1.30B08 Hotfix_04 was discovered to contain a command injection vulnerability via... Critical Unreviewed
CVE-2022-43184 was published Oct 19, 2022
MVPower CCTV DVR models, including TV-7104HE 1.8.4 115215B9 and TV7108HE, contain a web shell... Critical Unreviewed
CVE-2016-20016 was published Oct 19, 2022
An improper neutralization of special elements used in an OS Command ('OS Command Injection')... Critical Unreviewed
CVE-2022-33874 was published Oct 18, 2022
An improper neutralization of special elements used in an OS Command ('OS Command Injection')... Critical Unreviewed
CVE-2022-33873 was published Oct 18, 2022
An improper neutralization of special elements used in an OS Command ('OS Command Injection')... Critical Unreviewed
CVE-2022-33872 was published Oct 18, 2022
A vulnerability in GitLab CE/EE affecting all versions from 11.3.4 prior to 15.1.5, 15.2 to 15.2... Critical Unreviewed
CVE-2022-2884 was published Oct 17, 2022
TOTOLINK A860R V4.1.2cu.5182_B20201027 was discovered to contain a command injection via the... Critical Unreviewed
CVE-2022-40475 was published Sep 30, 2022
In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote,... Critical Unreviewed
CVE-2022-28811 was published Sep 29, 2022
XXL-JOB contains a Command execution vulnerability in background tasks Critical
CVE-2022-40929 was published for com.xuxueli:xxl-job-core (Maven) Sep 29, 2022
PROSCEND - PROSCEND / ADVICE .Ltd - G/5G Industrial Cellular Router (with GPS)4 Unauthenticated... Critical Unreviewed
CVE-2022-36779 was published Sep 14, 2022
In NOKIA 1350 OMS R14.2, multiple OS Command Injection vulnerabilities occur in /CGI-BIN/OTNE_1... Critical Unreviewed
CVE-2022-39815 was published Sep 14, 2022
pfSense pfBlockerNG through 2.1.4_26 allows remote attackers to execute arbitrary OS commands as... Critical Unreviewed
CVE-2022-31814 was published Sep 6, 2022
Rengine v1.3.0 was discovered to contain a command injection vulnerability via the scan engine... Critical Unreviewed
CVE-2022-36566 was published Sep 1, 2022
SmartFabric storage software version 1.0.0 contains a Command-Injection vulnerability. A remote... Critical Unreviewed
CVE-2022-31232 was published Aug 31, 2022
D-Link GO-RT-AC750 GORTAC750_revA_v101b03 and GO-RT-AC750_revB_FWv200b02 is vulnerable to Command... Critical Unreviewed
CVE-2022-37056 was published Aug 29, 2022
D-Link Go-RT-AC750 GORTAC750_revA_v101b03 and GO-RT-AC750_revB_FWv200b02 are vulnerable to... Critical Unreviewed
CVE-2022-37057 was published Aug 29, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database