GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,267 advisories
LG N1A1 NAS 3718.510 is affected by: Remote Command Execution. The impact is: execute arbitrary...
Critical | Unreviewed | CVE-2018-14839 was published May 24, 2022

In the /HNAP1/SetQoSSettings message, the uplink parameter is vulnerable, and the vulnerability...
Critical | Unreviewed | CVE-2018-19989 was published May 24, 2022

In the /HNAP1/SetWiFiVerifyAlpha message, the WPSPIN parameter is vulnerable, and the...
Critical | Unreviewed | CVE-2018-19990 was published May 24, 2022

D-Link DIR-822 Rev.B 202KRb06, DIR-822 Rev.C 3.10B06, DIR-860L Rev.B 2.03.B03, DIR-868L Rev.B 2...
Critical | Unreviewed | CVE-2018-19987 was published May 24, 2022

In the /HNAP1/SetClientInfoDemo message, the AudioMute and AudioEnable parameters are vulnerable,...
Critical | Unreviewed | CVE-2018-19988 was published May 24, 2022

In the /HNAP1/SetRouterSettings message, the RemotePort parameter is vulnerable, and the...
Critical | Unreviewed | CVE-2018-19986 was published May 24, 2022

A command injection vulnerability is present that permits an unauthenticated user with access to...
Critical | Unreviewed | CVE-2018-7084 was published May 24, 2022

The Billion 5200W-T 1.02b.rc5.dt49 router distributed by TrueOnline has a command injection...
Critical | Unreviewed | CVE-2017-18369 was published May 24, 2022

The ZyXEL P660HN-T1A v1 TCLinux Fw $7.3.15.0 v001 / 3.40(ULM.0)b31 router distributed by...
Critical | Unreviewed | CVE-2017-18368 was published May 24, 2022

gpg-key2ps in signing-party 1.1.x and 2.x before 2.10-1 contains an unsafe shell call enabling...
Critical | Unreviewed | CVE-2019-11627 was published May 24, 2022

The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG...
Critical | Unreviewed | CVE-2019-3929 was published May 24, 2022

In Firefox Developer Tools it is possible that pasting the result of the 'Copy as cURL' command...
Critical | Unreviewed | CVE-2019-9804 was published May 24, 2022

LibreNMS arbitrary OS commands execution
Critical | CVE-2018-20434 was published for librenms/librenms (Composer) May 24, 2022

OS Command Injection in GitHub repository yogeshojha/rengine prior to 1.2.0.
Critical | Unreviewed | CVE-2022-1813 was published May 23, 2022

The web console of FUJITSU Network IPCOM series (IPCOM EX2 IN(3200, 3500), IPCOM EX2 LB(1100,...
Critical | Unreviewed | CVE-2022-29516 was published May 19, 2022

In Belkin N300 Firmware 1.00.08, the script located at /setting_hidden.asp, which is accessible...
Critical | Unreviewed | CVE-2022-30105 was published May 19, 2022

The affected On-Premise cnMaestro is vulnerable to execution of code on the cnMaestro hosting...
Critical | Unreviewed | CVE-2022-1360 was published May 18, 2022

The affected On-Premise cnMaestro allows an unauthenticated attacker to access the cnMaestro...
Critical | Unreviewed | CVE-2022-1357 was published May 18, 2022

LPAR2RRD in 3.5 and earlier allows remote attackers to execute arbitrary commands due to...
Critical | Unreviewed | CVE-2014-4981 was published May 17, 2022

The STARTTLS implementation in MailMarshal before 7.2 allows plaintext command injection.
Critical | Unreviewed | CVE-2014-2727 was published May 17, 2022

The Data Protection extension in the VMware GUI in IBM Tivoli Storage Manager for Virtual...
Critical | Unreviewed | CVE-2015-7426 was published May 17, 2022

IBM Security Access Manager for Web 7.0 before IF2 and 8.0 before 8.0.1.4 IF3 and Security Access...
Critical | Unreviewed | CVE-2016-3028 was published May 17, 2022

An unspecified interface in SAP TREX 7.10 Revision 63 allows remote attackers to execute...
Critical | Unreviewed | CVE-2016-6147 was published May 17, 2022

Cisco Unified Computing System (UCS) Central Software 1.3(1b) and earlier allows remote attackers...
Critical | Unreviewed | CVE-2016-1352 was published May 17, 2022