GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
387 advisories
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects...
Moderate | Unreviewed | CVE-2019-20706 was published May 24, 2022

Zoho ManageEngine Asset Explorer 6.5 does not validate the System Center Configuration Manager ...
Moderate | Unreviewed | CVE-2019-19034 was published May 24, 2022

OS Command Injection in export.php (vulnerable function called from include/functions-article.php...
Moderate | Unreviewed | CVE-2020-10390 was published May 24, 2022

An issue was discovered in GitLab Community and Enterprise Edition 11.11. A specially crafted...
Moderate | Unreviewed | CVE-2019-12430 was published May 24, 2022

lib/ajaxHandlers/ajaxAddTemplate.php in rConfig through 3.94 allows remote attackers to execute...
Moderate | Unreviewed | CVE-2020-10221 was published May 24, 2022

An exploitable command injection vulnerability exists in the iw_webs functionality of the Moxa...
Moderate | Unreviewed | CVE-2019-5141 was published May 24, 2022

An exploitable command injection vulnerability exists in the iwwebs functionality of the Moxa AWK...
Moderate | Unreviewed | CVE-2019-5140 was published May 24, 2022

pacman before 5.2 is vulnerable to arbitrary command injection in lib/libalpm/sync.c in the...
Moderate | Unreviewed | CVE-2019-18183 was published May 24, 2022

pacman before 5.2 is vulnerable to arbitrary command injection in conf.c in the...
Moderate | Unreviewed | CVE-2019-18182 was published May 24, 2022

The Citrix Receiver wrapper function does not safely handle user supplied input, which may be...
Moderate | Unreviewed | CVE-2019-18910 was published May 24, 2022

An exploitable command injection vulnerability exists in the /goform/WanParameterSetting...
Moderate | Unreviewed | CVE-2019-5072 was published May 24, 2022

In radare2 before 3.9.0, a command injection vulnerability exists in bin_symbols() in libr/core...
Moderate | Unreviewed | CVE-2019-16718 was published May 24, 2022

Multiple vulnerabilities in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an...
Moderate | Unreviewed | CVE-2019-1959 was published May 24, 2022

Multiple vulnerabilities in Cisco Enterprise NFV Infrastructure Software (NFVIS) could allow an...
Moderate | Unreviewed | CVE-2019-1960 was published May 24, 2022

An issue was discovered on D-Link 6600-AP and DWL-3600AP Ax 4.2.0.14 21/03/2019 devices. There is...
Moderate | Unreviewed | CVE-2019-14337 was published May 24, 2022

The fabric-interconnect component in Cisco Unified Computing System (UCS) allows local users to...
Moderate | Unreviewed | CVE-2012-4108 was published May 17, 2022

The DrayTek Vigor 2700 router 2.8.3 allows remote attackers to execute arbitrary JavaScript code,...
Moderate | Unreviewed | CVE-2013-5703 was published May 17, 2022

The commandline interface in Blue Coat Content Analysis System (CAS) 1.1 before 1.1.4.2 allows...
Moderate | Unreviewed | CVE-2014-2565 was published May 17, 2022

Usermin before 1.600 allows remote attackers to execute arbitrary operating-system commands via...
Moderate | Unreviewed | CVE-2014-3883 was published May 17, 2022

ASUS JAPAN RT-AC87U routers with firmware 3.0.0.4.378.3754 and earlier, RT-AC68U routers with...
Moderate | Unreviewed | CVE-2014-7269 was published May 17, 2022

eventapp/lib/gcloud.rb in the ISUCON5 qualifier portal (aka eventapp) web application before 2015...
Moderate | Unreviewed | CVE-2015-5673 was published May 17, 2022

PC-EGG pWebManager before 3.3.10, and before 2.2.2 for PHP 4.x, allows remote authenticated users...
Moderate | Unreviewed | CVE-2015-7774 was published May 17, 2022

An unspecified script in the web interface in Cisco Firepower Extensible Operating System 1.1(1...
Moderate | Unreviewed | CVE-2015-6380 was published May 17, 2022

KDDI HOME SPOT CUBE devices before 2 allow remote authenticated users to execute arbitrary OS...
Moderate | Unreviewed | CVE-2016-1141 was published May 17, 2022

baserCMS 3.0.2 through 3.0.8 allows remote authenticated users to execute arbitrary OS commands...
Moderate | Unreviewed | CVE-2015-7769 was published May 17, 2022