GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,071 advisories
CImg The CImg Library v.2.3.3 and earlier is affected by: command injection. The impact is: RCE....
Critical
Unreviewed
CVE-2019-1010174
was published
May 24, 2022
An issue was discovered on D-Link DCS-1130 devices. The device provides a user with the...
Critical
Unreviewed
CVE-2017-8408
was published
May 24, 2022
An issue was discovered on D-Link DCS-1130 devices. The device provides a user with the...
Critical
Unreviewed
CVE-2017-8404
was published
May 24, 2022
In NETGEAR ReadyNAS Surveillance before 1.4.3-17 x86 and before 1.1.4-7 ARM, $_GET['uploaddir']...
Critical
Unreviewed
CVE-2017-18378
was published
May 24, 2022
An issue was discovered on Wireless IP Camera (P2P) WIFICAM cameras. There is Command Injection...
Critical
Unreviewed
CVE-2017-18377
was published
May 24, 2022
On Seowon Intech routers, there is a Command Injection vulnerability in diagnostic.cgi via shell...
Critical
Unreviewed
CVE-2016-10760
was published
May 24, 2022
The GitController in Jakub Chodounsky Bonobo Git Server before 6.5.0 allows execution of...
Critical
Unreviewed
CVE-2019-11217
was published
May 24, 2022
Cribl UI 1.5.0 allows remote attackers to run arbitrary commands via an unauthenticated web request.
Critical
Unreviewed
CVE-2019-11076
was published
May 24, 2022
Command injection in Apache Maven maven-shared-utils
Critical
CVE-2022-29599
was published
for
org.apache.maven.shared:maven-shared-utils
(Maven)
May 24, 2022
Thecus 4800Eco was discovered to contain a command injection vulnerability via the username...
Critical
Unreviewed
CVE-2021-34111
was published
May 21, 2022
A command injection security vulnerability has been identified in HPE Nimble Storage Hybrid Flash...
Critical
Unreviewed
CVE-2022-28618
was published
May 21, 2022
The remote administration interface in D-Link DIR-815 devices with firmware before 2.03.B02...
Critical
Unreviewed
CVE-2014-8888
was published
May 17, 2022
Cool Projects TarDiff allows remote attackers to execute arbitrary commands via shell...
Critical
Unreviewed
CVE-2015-0857
was published
May 17, 2022
Directory traversal vulnerability in cgi-bin/rftest.cgi on Crestron AirMedia AM-100 devices with...
Critical
Unreviewed
CVE-2016-5640
was published
May 17, 2022
Cisco Prime Network Analysis Module (NAM) before 6.1(1) patch.6.1-2-final and 6.2.x before 6.2(1)...
Critical
Unreviewed
CVE-2016-1388
was published
May 17, 2022
Mailcwp remote file upload vulnerability incomplete fix v1.100
Critical
Unreviewed
CVE-2016-1000156
was published
May 17, 2022
Directory traversal vulnerability in file "jcss.php" in Zikula 1.3.x before 1.3.11 and 1.4.x...
Critical
Unreviewed
CVE-2016-9835
was published
May 17, 2022
Unauthenticated Remote Command injection as root occurs in the Western Digital MyCloud NAS 2.11...
Critical
Unreviewed
CVE-2016-10107
was published
May 17, 2022
Unauthenticated Remote Command injection as root occurs in the Western Digital MyCloud NAS 2.11...
Critical
Unreviewed
CVE-2016-10108
was published
May 17, 2022
An issue was discovered on SendQuick Entera and Avera devices before 2HF16. Multiple Command...
Critical
Unreviewed
CVE-2016-10098
was published
May 17, 2022
Snoopy allows remote attackers to execute arbitrary commands.
Critical
Unreviewed
CVE-2014-5008
was published
May 17, 2022
The _httpsrequest function in Snoopy allows remote attackers to execute arbitrary commands. NOTE...
Critical
Unreviewed
CVE-2008-7313
was published
May 17, 2022
Jensen of Scandinavia AS Air:Link 3G (AL3G) version 2.23m (Rev. 3), Air:Link 5000AC (AL5000AC)...
Critical
Unreviewed
CVE-2016-10312
was published
May 17, 2022
Sierra Wireless GX 440 devices with ALEOS firmware 4.3.2 allow Embedded_Ace_Set_Task.cgi command...
Critical
Unreviewed
CVE-2016-5065
was published
May 17, 2022
In SolarWinds Log & Event Manager (LEM) before 6.3.1 Hotfix 4, a menu system is encountered when...
Critical
Unreviewed
CVE-2017-7722
was published
May 17, 2022