GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
959 advisories
OS Command Injection in devcert-sanscache (Critical): CVE-2019-10778 was published for devcert-sanscache (npm), Apr 14, 2020
curlrequest allows execution of arbitrary commands (Critical): CVE-2020-7646 was published for curlrequest (npm), May 13, 2020
OS command injection in aws-lambda (Critical): CVE-2019-10777 was published for aws-lambda (npm), Feb 14, 2020
OS command injection in git-diff-apply (Critical): CVE-2019-10776 was published for git-diff-apply (npm), Feb 14, 2020
Command Injection in macaddress (Critical): CVE-2018-13797 was published for macaddress (npm), Sep 6, 2018
Command Injection in Kylin (Critical): CVE-2020-13925 was published for org.apache.kylin:kylin-server-base (Maven), Jul 27, 2020
OS Command Injection in node-opencv (Critical): CVE-2019-10061 was published for opencv (npm), Oct 12, 2021
Growl before 1.10.0 vulnerable to Command Injection (Critical): CVE-2017-16042 was published for growl (npm), Jun 8, 2018
Arbitrary Code Execution in require-node (Critical): GHSA-8j6j-4h2c-c65p was published for require-node (npm), Sep 3, 2020
thenify before 3.3.1 made use of unsafe calls to `eval`. (Critical): CVE-2020-7677 was published for org.webjars.npm:thenify (Maven), Jul 18, 2022
OS Command Injection in awesome spawn (Critical): CVE-2014-0156 was published for awesome_spawn (RubyGems), Jul 1, 2022
MAHO-PBX NetDevancer Lite/Uni/Pro/Cloud prior to Ver.1.11.00, MAHO-PBX NetDevancer VSG Lite/Uni... (Critical, Unreviewed): CVE-2023-22279 was published Jan 17, 2023
Command Injection in CasaOS (Critical): CVE-2022-24193 was published for github.com/IceWhaleTech/CasaOS (Go), Mar 11, 2022
UNIVERGE WA 1020 Ver8.2.11 and prior, UNIVERGE WA 1510 Ver8.2.11 and prior, UNIVERGE WA 1511... (Critical, Unreviewed): CVE-2022-25621 was published Mar 12, 2022
Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the wps... (Critical, Unreviewed): CVE-2022-26998 was published Mar 17, 2022
Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the static ip... (Critical, Unreviewed): CVE-2022-26999 was published Mar 17, 2022
Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the upnp... (Critical, Unreviewed): CVE-2022-26997 was published Mar 17, 2022
Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the time and... (Critical, Unreviewed): CVE-2022-27000 was published Mar 17, 2022
Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the ddns... (Critical, Unreviewed): CVE-2022-27002 was published Mar 17, 2022
Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the pppoe... (Critical, Unreviewed): CVE-2022-26996 was published Mar 17, 2022
Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the dhcp... (Critical, Unreviewed): CVE-2022-27001 was published Mar 17, 2022
Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the pptp ... (Critical, Unreviewed): CVE-2022-26995 was published Mar 17, 2022
** UNSUPPORTED WHEN ASSIGNED ** Improper neutralization of Special Elements leading to OS Command... (Critical, Unreviewed): CVE-2022-22273 was published Mar 18, 2022
VMware Carbon Black App Control (8.5.x prior to 8.5.14, 8.6.x prior to 8.6.6, 8.7.x prior to 8.7... (Critical, Unreviewed): CVE-2022-22951 was published Mar 24, 2022