GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
3,690 advisories

An issue was discovered on Fujitsu ETERNUS CentricStor CS8000 (Control Center) devices before 8...
Critical | Unreviewed | CVE-2022-31795 was published Jun 21, 2022

A vulnerability in the CLI command-parsing code of the Cisco StarOS operating system for Cisco...
High | Unreviewed | CVE-2017-6707 was published May 17, 2022

A vulnerability in certain commands of Cisco Elastic Services Controller could allow an...
High | Unreviewed | CVE-2017-6712 was published May 17, 2022

The web-based GUI in Cisco Cloud Services Platform (CSP) 2100 2.0 allows remote authenticated...
High | Unreviewed | CVE-2016-6373 was published May 17, 2022

Cisco TelePresence endpoints running either CE or TC software contain a vulnerability that could...
Moderate | Unreviewed | CVE-2016-6459 was published May 17, 2022

Marval MSM v14.19.0.12476 is vulnerable to OS Command Injection due to the insecure handling of...
Critical | Unreviewed | CVE-2022-31885 was published Jun 29, 2022

Command injection vulnerability in CWP v0.9.8.1126 that allows normal users to run commands as...
High | Unreviewed | CVE-2022-25048 was published Jul 8, 2022

Multiple command injection vulnerabilities exist in the web_server action endpoints...
Critical | Unreviewed | CVE-2022-33312 was published Jul 1, 2022

Multiple command injection vulnerabilities exist in the web_server ajax endpoints functionalities...
Critical | Unreviewed | CVE-2022-33328 was published Jul 1, 2022

Multiple command injection vulnerabilities exist in the web_server ajax endpoints functionalities...
Critical | Unreviewed | CVE-2022-33326 was published Jul 1, 2022

Multiple command injection vulnerabilities exist in the web_server ajax endpoints functionalities...
Critical | Unreviewed | CVE-2022-33327 was published Jul 1, 2022

A vulnerability in a startup script of Cisco IOS XE Software could allow an unauthenticated...
Moderate | Unreviewed | CVE-2017-6606 was published May 17, 2022

An issue was discovered in phpMyAdmin. A user can execute a remote code execution attack against...
High | Unreviewed | CVE-2016-6631 was published May 17, 2022

WG-C10 v3.0.79 and earlier allows an attacker to execute arbitrary OS commands via unspecified...
High | Unreviewed | CVE-2017-2275 was published May 17, 2022

Multiple command injection vulnerabilities exist in the web_server action endpoints...
Critical | Unreviewed | CVE-2022-33314 was published Jul 1, 2022

Multiple command injection vulnerabilities exist in the web_server ajax endpoints functionalities...
Critical | Unreviewed | CVE-2022-33329 was published Jul 1, 2022

Command injection in git-it-electron
Critical | CVE-2021-44685 was published for git-it-electron (npm) Dec 8, 2021

Command injection vulnerability in Druva inSync 6.9.0 for MacOS, allows attackers to execute...
High | Unreviewed | CVE-2021-36667 was published Jul 13, 2022

IBM Security Guardium 10.0 could allow a remote authenticated attacker to execute arbitrary...
Critical | Unreviewed | CVE-2017-1253 was published May 17, 2022

HOME SPOT CUBE2 V102 contains an OS command injection vulnerability due to improper processing of...
High | Unreviewed | CVE-2022-33948 was published Jul 5, 2022

Toshiba Home gateway HEM-GW16A firmware HEM-GW16A-FW-V1.2.0 and earlier. Toshiba Home gateway HEM...
Critical | Unreviewed | CVE-2017-2237 was published May 17, 2022

A vulnerability in the local-mgmt CLI command of the Cisco Unified Computing System (UCS) Manager...
High | Unreviewed | CVE-2017-6597 was published May 17, 2022

Atlassian SourceTree v2.5c and prior are affected by a command injection in the handling of the...
Critical | Unreviewed | CVE-2017-8768 was published May 17, 2022

IBM CICS TX Standard and Advanced 11.1 could allow a remote attacker to execute arbitrary...
Critical | Unreviewed | CVE-2022-31767 was published Jun 25, 2022

Multiple command injection vulnerabilities exist in the web_server ajax endpoints functionalities...
Critical | Unreviewed | CVE-2022-33325 was published Jul 1, 2022

ProTip! Advisories are also available from the GraphQL API