GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,267 advisories
Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an...
Critical | Unreviewed | CVE-2021-1140 was published May 24, 2022
DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain an OS Command Injection Vulnerability...
Critical | Unreviewed | CVE-2020-29495 was published May 24, 2022
UNIVERGE SV9500 series from V1 to V7 and SV8500 series from S6 to S8 allows an attacker to execute...
Critical | Unreviewed | CVE-2020-5685 was published May 24, 2022
** UNSUPPORTED WHEN ASSIGNED ** EVOLUCARE ECSIMAGING (aka ECS Imaging) through 6.21.5 has an OS...
Critical | Unreviewed | CVE-2021-3029 was published May 24, 2022
Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile...
Critical | Unreviewed | CVE-2020-26085 was published May 24, 2022
oal_ipt_addBridgeIsolationRules on TP-Link TL-WR840N 6_EU_0.9.1_4.16 devices allows OS command...
Critical | Unreviewed | CVE-2020-36178 was published May 24, 2022
HGiga MailSherlock does not validate specific parameters properly. Attackers can use the...
Critical | Unreviewed | CVE-2020-35851 was published May 24, 2022
USVN (aka User-friendly SVN) before 1.0.9 allows remote code execution via shell metacharacters...
Critical | Unreviewed | CVE-2020-17363 was published May 24, 2022
KLog Server 2.4.1 allows OS command injection via shell metacharacters in the actions...
Critical | Unreviewed | CVE-2020-35729 was published May 24, 2022
Belkin LINKSYS RE6500 devices before 1.0.012.001 allow remote attackers to execute arbitrary...
Critical | Unreviewed | CVE-2020-35713 was published May 24, 2022
Remote Command Execution (RCE) vulnerability in TerraMaster TOS <= 4.2.06 allow remote...
Critical | Unreviewed | CVE-2020-28188 was published May 24, 2022
An unauthenticated command-execution vulnerability exists in TerraMaster TOS through 4.2.06 via...
Critical | Unreviewed | CVE-2020-35665 was published May 24, 2022
An issue was discovered in URVE Build 24.03.2020. By using the _internal/pc/vpro.php?mac=0&ip=0...
Critical | Unreviewed | CVE-2020-29552 was published May 24, 2022
The reported vulnerability allows an attacker who has network access to the device to execute...
Critical | Unreviewed | CVE-2020-12522 was published May 24, 2022
iCMS 7 allows attackers to execute arbitrary OS commands via shell metacharacters in the DB_PREFIX...
Critical | Unreviewed | CVE-2020-19142 was published May 24, 2022
iCMS 7.0.14 allows attackers to execute arbitrary OS commands via shell metacharacters in the DB_NAME...
Critical | Unreviewed | CVE-2020-19527 was published May 24, 2022
Network Analysis functionality in Askey AP5100W_Dual_SIG_1.01.097 and all prior versions allows...
Critical | Unreviewed | CVE-2020-15357 was published May 24, 2022
SAP Business Warehouse, versions - 700, 701, 702, 731, 740, 750, 751, 752, 753, 754, 755, 782,...
Critical | Unreviewed | CVE-2020-26838 was published May 24, 2022
Zeroshell 3.9.3 contains a command injection vulnerability in the /cgi-bin/kerbynet...
Critical | Unreviewed | CVE-2020-29390 was published May 24, 2022
A vulnerability in the web-based management interface of Cisco DNA Spaces Connector could allow...
Critical | Unreviewed | CVE-2020-3586 was published May 24, 2022
Exposed Erlang Cookie could lead to Remote Command Execution (RCE) attack. Communication between...
Critical | Unreviewed | CVE-2020-24719 was published May 24, 2022
SaltStack Salt Command Injection in netapi ssh client
Critical | CVE-2020-16846 was published for salt (pip) May 24, 2022
If exploited, this command injection vulnerability could allow remote attackers to execute...
Critical | Unreviewed | CVE-2018-19950 was published May 24, 2022
osCommerce Phoenix CE before 1.0.5.4 allows OS command injection remotely. Within admin/mail.php,...
Critical | Unreviewed | CVE-2020-27976 was published May 24, 2022
An issue was discovered on Western Digital My Cloud NAS devices before 5.04.114. They allow...
Critical | Unreviewed | CVE-2020-27744 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API