Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

938 advisories

Loading
A command injection vulnerability was discovered in the HNAP1 protocol in D-Link DIR-823G devices... Critical Unreviewed
CVE-2020-25368 was published May 24, 2022
C-DATA FD702XW-X-R430 v2.1.13_X001 was discovered to contain a command injection vulnerability... Critical Unreviewed
CVE-2022-29337 was published May 25, 2022
A remote command execution vulnerability exists in add_server_service of PPTP_SERVER in Mercury... Critical Unreviewed
CVE-2020-22724 was published May 24, 2022
TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vulnerability in function... Critical Unreviewed
CVE-2021-42885 was published Jun 4, 2022
TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vulnerability in function... Critical Unreviewed
CVE-2021-42890 was published Jun 4, 2022
A command injection in the command parameter of Razer Sila Gaming Router v2.0.441_api-2.0.418... Critical Unreviewed
CVE-2022-29013 was published Jun 10, 2022
TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vulnerability in function... Critical Unreviewed
CVE-2021-42884 was published Jun 4, 2022
An command injection vulnerability in HNAP1/SetWLanApcliSettings of Motorola CX2 router CX 1.0.2... Critical Unreviewed
CVE-2020-21937 was published May 24, 2022
In ProLink PRC2402M V1.0.18 and older, the set_sys_cmd function in the adm.cgi binary, accessible... Critical Unreviewed
CVE-2021-36706 was published May 24, 2022
Several high privileged APIs on the Vizio P65-F1 6.0.31.4-2 and E50x-E1 10.0.31.4-2 Smart TVs do... Critical Unreviewed
CVE-2021-27944 was published May 24, 2022
An exploitable unatuhenticated command injection exists in the OpenClinic GA 5.173.3. Specially... Critical Unreviewed
CVE-2020-27227 was published May 24, 2022
TOTOLINK EX1200T V4.1.2cu.5215 contains a remote command injection vulnerability in the function... Critical Unreviewed
CVE-2021-42875 was published Jun 3, 2022
opensysusers through 0.6 does not safely use eval on files in sysusers.d that may contain shell... Critical Unreviewed
CVE-2021-40084 was published May 24, 2022
An issue in craigms/main.php of CraigMS 1.0 allows attackers to execute arbitrary commands via a... Critical Unreviewed
CVE-2020-18048 was published May 24, 2022
An issue in adm.cgi of WAVLINK AERIAL X 1200M M79X3.V5030.180719 allows attackers to execute... Critical Unreviewed
CVE-2022-31311 was published Jun 15, 2022
A vulnerability was found in eprintsug ulcc-core. It has been declared as critical. Affected by... Critical Unreviewed
CVE-2021-4304 was published Jan 5, 2023
scripts/license.pl in Veritas NetBackup Appliance 2.6.0.x through 2.6.0.4, 2.6.1.x through 2.6.1... Critical Unreviewed
CVE-2016-7399 was published May 17, 2022
Tenda AC18 router V15.03.05.19 and V15.03.05.05 was discovered to contain a remote code execution... Critical Unreviewed
CVE-2022-31446 was published Jun 15, 2022
In Green Packet DX-350 Firmware version v2.8.9.5-g1.4.8-atheeb, the "PING" (aka tag_ipPing)... Critical Unreviewed
CVE-2017-9980 was published May 17, 2022
ASUS RT-N53 3.0.0.4.376.3754 has a command injection vulnerability in the SystemCmd parameter of... Critical Unreviewed
CVE-2022-31874 was published Jun 18, 2022
D-Link DIR-645 v1.03 was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-32092 was published Jun 28, 2022
Tenda AX1803 v1.0.0.1_2890 was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-34596 was published Jul 7, 2022
Array Networks AG/vxAG with ArrayOS AG before 9.4.0.469 allows unauthenticated command injection... Critical Unreviewed
CVE-2022-42897 was published Oct 13, 2022
VMware Horizon View Client (2.x, 3.x and 4.x prior to 4.5.0) contains a command injection... Critical Unreviewed
CVE-2017-4918 was published May 17, 2022
Tenda AX1806 v1.0.0.1 was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-34597 was published Jul 7, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database