Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,411
Erlang
33
GitHub Actions
22
Go
2,146
Maven
5,000+
npm
3,808
NuGet
687
pip
3,481
Pub
12
RubyGems
897
Rust
899
Swift
38
Unreviewed advisories
All unreviewed
5,000+

3,441 advisories

Loading
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2020-15422 was published May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2020-15435 was published May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2020-15428 was published May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2020-15430 was published May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2020-15611 was published May 24, 2022
MAHO-PBX NetDevancer Lite/Uni/Pro/Cloud prior to Ver.1.11.00, MAHO-PBX NetDevancer VSG Lite/Uni... High Unreviewed
CVE-2023-22280 was published Jan 17, 2023
MAHO-PBX NetDevancer Lite/Uni/Pro/Cloud prior to Ver.1.11.00, MAHO-PBX NetDevancer VSG Lite/Uni... Critical Unreviewed
CVE-2023-22279 was published Jan 17, 2023
Command Injection in CasaOS Critical
CVE-2022-24193 was published for github.com/IceWhaleTech/CasaOS (Go) Mar 11, 2022
UUNIVERGE WA 1020 Ver8.2.11 and prior, UNIVERGE WA 1510 Ver8.2.11 and prior, UNIVERGE WA 1511... Critical Unreviewed
CVE-2022-25621 was published Mar 12, 2022
Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the wps... Critical Unreviewed
CVE-2022-26998 was published Mar 17, 2022
Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the static ip... Critical Unreviewed
CVE-2022-26999 was published Mar 17, 2022
Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the time and... Critical Unreviewed
CVE-2022-27000 was published Mar 17, 2022
Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the pptp ... Critical Unreviewed
CVE-2022-26995 was published Mar 17, 2022
Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the pppoe... Critical Unreviewed
CVE-2022-26996 was published Mar 17, 2022
Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the upnp... Critical Unreviewed
CVE-2022-26997 was published Mar 17, 2022
Arris TR3300 v1.0.13 were discovered to contain a command injection vulnerability in the ddns... Critical Unreviewed
CVE-2022-27002 was published Mar 17, 2022
Arris TR3300 v1.0.13 were discovered to contain a command injection vulnerability in the dhcp... Critical Unreviewed
CVE-2022-27001 was published Mar 17, 2022
Cisco TelePresence Manager 1.2.x through 1.6.x allows remote attackers to perform unspecified... High Unreviewed
CVE-2011-0381 was published May 17, 2022
The CGI scripts in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 do not properly... High Unreviewed
CVE-2011-0271 was published May 17, 2022
Command injection vulnerability in Linksys MR8300 router while Registration to DDNS Service. By... High Unreviewed
CVE-2022-38132 was published Aug 25, 2022
** UNSUPPORTED WHEN ASSIGNED ** Improper neutralization of Special Elements leading to OS Command... Critical Unreviewed
CVE-2022-22273 was published Mar 18, 2022
Code injection in npm git Moderate
CVE-2021-23632 was published for git (npm) Mar 18, 2022
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-26536 was published Mar 25, 2022
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-27083 was published Mar 25, 2022
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-27076 was published Mar 25, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database