Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,120 advisories

Loading
Command Injection in Tenda G1 and G3 routers with firmware versions v15.11.0.17(9502)_CN or v15... Critical Unreviewed
CVE-2021-27692 was published May 24, 2022
PROSCEND - PROSCEND / ADVICE .Ltd - G/5G Industrial Cellular Router (with GPS)4 Unauthenticated... Critical Unreviewed
CVE-2022-36779 was published Sep 14, 2022
Improper Neutralization of Special Elements used in an OS Command in Blamer Critical
CVE-2019-10807 was published for blamer (npm) May 24, 2022
OS Command Injection in git-pull-or-clone Critical
CVE-2022-24437 was published for git-pull-or-clone (npm) May 3, 2022
lirantal
A flaw was found in WebSVN 2.3.2. Without prior authentication, if the 'allowDownload' option is... Critical Unreviewed
CVE-2011-2195 was published Apr 22, 2022
A CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection... Critical Unreviewed
CVE-2021-22795 was published Apr 14, 2022
A flaw was found in Exuberant Ctags in the way it handles the "-o" option. This option specifies... Critical Unreviewed
CVE-2022-4515 was published Dec 20, 2022
Dell VNX2 for file version 8.1.21.266 and earlier, contain an unauthenticated remote code... Critical Unreviewed
CVE-2021-36287 was published Apr 9, 2022
totolink a3100r V5.9c.4577 is vulnerable to os command injection. The backend of a page is... Critical Unreviewed
CVE-2021-46007 was published Apr 1, 2022
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-26290 was published Mar 25, 2022
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-27078 was published Mar 25, 2022
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-27082 was published Mar 25, 2022
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-27077 was published Mar 25, 2022
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-27079 was published Mar 25, 2022
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-27080 was published Mar 25, 2022
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-27081 was published Mar 25, 2022
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-26289 was published Mar 25, 2022
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-27076 was published Mar 25, 2022
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-26536 was published Mar 25, 2022
Tenda M3 1.10 V1.0.0.12(4856) was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-27083 was published Mar 25, 2022
VMware Carbon Black App Control (8.5.x prior to 8.5.14, 8.6.x prior to 8.6.6, 8.7.x prior to 8.7... Critical Unreviewed
CVE-2022-22951 was published Mar 24, 2022
A vulnerability exists in the SaveConfigFile function of the RACompare Service, which may allow... Critical Unreviewed
CVE-2021-27476 was published Mar 24, 2022
** UNSUPPORTED WHEN ASSIGNED ** Improper neutralization of Special Elements leading to OS Command... Critical Unreviewed
CVE-2022-22273 was published Mar 18, 2022
Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the upnp... Critical Unreviewed
CVE-2022-26997 was published Mar 17, 2022
Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the pptp ... Critical Unreviewed
CVE-2022-26995 was published Mar 17, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database