GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,071 advisories
It is found that there is a command injection vulnerability in the setWiFiWpsCfg interface in...
Critical | Unreviewed | CVE-2022-28583 was published May 6, 2022

It is found that there is a command injection vulnerability in the setOpenVpnCfg interface in...
Critical | Unreviewed | CVE-2022-28578 was published May 6, 2022

It is found that there is a command injection vulnerability in the setParentalRules interface in...
Critical | Unreviewed | CVE-2022-28579 was published May 6, 2022

It is found that there is a command injection vulnerability in the delParentalRules interface in...
Critical | Unreviewed | CVE-2022-28577 was published May 6, 2022

TOTOLINK N600R v5.3c.5507_B20171031 was discovered to contain a command injection vulnerability...
Critical | Unreviewed | CVE-2022-27411 was published May 6, 2022

An issue was discovered in soap.cgi?service=WANIPConn1 on D-Link DIR-845 before v1.02b03, DIR-600...
Critical | Unreviewed | CVE-2013-7471 was published May 5, 2022

A Remote Code Execution (RCE) vulnerability exists in Ruijie Networks Ruijie RG-EW Series Routers...
Critical | Unreviewed | CVE-2021-43163 was published May 5, 2022

Fusionpbx v4.4 and below contains a command injection vulnerability via the download email logs...
Critical | Unreviewed | CVE-2022-28055 was published May 5, 2022

There is a command injection vulnerability at the /goform/setsambacfg interface of Tenda AC15...
Critical | Unreviewed | CVE-2022-28557 was published May 5, 2022

OS Command Injection in git-pull-or-clone
Critical | CVE-2022-24437 was published for git-pull-or-clone (npm) May 3, 2022

D-link 882 DIR882A1_FW130B06 was discovered to contain a command injection vulnerability in `/usr...
Critical | Unreviewed | CVE-2022-28571 was published May 3, 2022

D-Link DIR-823-Pro v1.0.2 was discovered to contain a command injection vulnerability in the...
Critical | Unreviewed | CVE-2022-28573 was published May 3, 2022

On certain Ubiquiti devices, Command Injection exists via a GET request to stainfo.cgi (aka Show...
Critical | Unreviewed | CVE-2010-5330 was published Apr 21, 2022

An issue was discovered on ASMAX AR-804gu 66.34.1 devices. There is Command Injection via the cgi...
Critical | Unreviewed | CVE-2009-5156 was published Apr 21, 2022

In Python (aka CPython) through 3.10.4, the mailcap module does not add escape characters into...
Critical | Unreviewed | CVE-2015-20107 was published Apr 14, 2022

Command injection in npm-dependency-versions
Critical | CVE-2022-29080 was published for npm-dependency-versions (npm) Apr 13, 2022

InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain...
Critical | Unreviewed | CVE-2022-27268 was published Apr 11, 2022

InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain...
Critical | Unreviewed | CVE-2022-27276 was published Apr 11, 2022

InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain...
Critical | Unreviewed | CVE-2022-27269 was published Apr 11, 2022

InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain...
Critical | Unreviewed | CVE-2022-27271 was published Apr 11, 2022

InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain...
Critical | Unreviewed | CVE-2022-27274 was published Apr 11, 2022

InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain...
Critical | Unreviewed | CVE-2022-27270 was published Apr 11, 2022

InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain...
Critical | Unreviewed | CVE-2022-27273 was published Apr 11, 2022

InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain...
Critical | Unreviewed | CVE-2022-27275 was published Apr 11, 2022

InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain...
Critical | Unreviewed | CVE-2022-27272 was published Apr 11, 2022