Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,071 advisories

Loading
An Access Control vulnerability exists in D-Link DIR-823G REVA1 1.02B05 (Lastest) via any... Critical Unreviewed
CVE-2021-43474 was published Apr 9, 2022
A command injection vulnerability in the API of the Wavlink WL-WN531P3 router, version M31G3... Critical Unreviewed
CVE-2022-23900 was published Apr 8, 2022
A command injection vulerability found in quick game engine allows arbitrary remote code in quick... Critical Unreviewed
CVE-2021-23247 was published Apr 3, 2022
An attacker could leverage an API to pass along a malicious file that could then manipulate the... Critical Unreviewed
CVE-2021-32933 was published Apr 3, 2022
Command Injection Vulnerability with Mercurial in VCS Critical
CVE-2022-21235 was published for github.com/Masterminds/vcs (Go) Apr 1, 2022
dellalibera
Credited to dellalibera
A Remote Command Injection vulnerability exists in DrayTek Vigor 2960 1.5.1.3, DrayTek Vigor 3900... Critical Unreviewed
CVE-2021-43118 was published Mar 30, 2022
D-Link DIR-816 A2 1.10 B05 allows unauthenticated attackers to arbitrarily reset the device via a... Critical Unreviewed
CVE-2021-31326 was published Mar 25, 2022
ZZZCMS zzzphp v2.1.0 was discovered to contain a remote command execution (RCE) vulnerability via... Critical Unreviewed
CVE-2022-23881 was published Mar 24, 2022
TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a command injection... Critical Unreviewed
CVE-2022-26187 was published Mar 23, 2022
TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a command injection... Critical Unreviewed
CVE-2022-26188 was published Mar 23, 2022
TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a command injection... Critical Unreviewed
CVE-2022-26189 was published Mar 23, 2022
TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a command injection... Critical Unreviewed
CVE-2022-26186 was published Mar 23, 2022
DWSurvey v3.2.0 was discovered to contain a remote command execution (RCE) vulnerability via the... Critical Unreviewed
CVE-2021-39383 was published Mar 22, 2022
Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by unauthenticated command injection.... Critical Unreviewed
CVE-2021-45876 was published Mar 22, 2022
Remote Code Execution in Contao Managed Edition Critical
CVE-2022-26265 was published for contao/managed-edition (Composer) Mar 20, 2022
An issue was discovered in Pascom Cloud Phone System before 7.20.x. In the management REST API, ... Critical Unreviewed
CVE-2021-45966 was published Mar 19, 2022
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the schedendtime parameter... Critical Unreviewed
CVE-2022-25427 was published Mar 19, 2022
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the deviceId parameter in... Critical Unreviewed
CVE-2022-25428 was published Mar 19, 2022
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the firewallen parameter in... Critical Unreviewed
CVE-2022-25434 was published Mar 19, 2022
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the urls parameter in the... Critical Unreviewed
CVE-2022-25433 was published Mar 19, 2022
Tenda AC9 v15.03.2.21 was discovered to contain a buffer overflow via the time parameter in the... Critical Unreviewed
CVE-2022-25429 was published Mar 19, 2022
Tenda AC9 v15.03.2.21 was discovered to contain multiple stack overflows via the NPTR, V12, V10... Critical Unreviewed
CVE-2022-25431 was published Mar 19, 2022
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the... Critical Unreviewed
CVE-2022-25437 was published Mar 19, 2022
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the... Critical Unreviewed
CVE-2022-25435 was published Mar 19, 2022
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the ntpserver parameter in... Critical Unreviewed
CVE-2022-25440 was published Mar 19, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database