GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,285
Erlang: 31
GitHub Actions: 21
Go: 2,057
Maven: 5,000+
npm: 3,742
NuGet: 668
pip: 3,422
Pub: 12
RubyGems: 892
Rust: 875
Swift: 36

Unreviewed advisories
All unreviewed: 5,000+

1,974 advisories

Dr Trust USA iCheck Connect BP Monitor BP Testing 118 1.2.1 is vulnerable to Plain text command...
High | Unreviewed | CVE-2020-27373 was published Apr 8, 2022

A command injection vulnerability in the protest binary allows an attacker with access to the...
High | Unreviewed | CVE-2022-1262 was published Apr 12, 2022

An improper neutralization of special elements used in an OS command vulnerability in the command...
High | Unreviewed | CVE-2021-26116 was published Apr 7, 2022

ASUS RT-AC86U’s LPD service has insufficient filtering for special characters in the user request...
High | Unreviewed | CVE-2022-25597 was published Apr 8, 2022

A command injection vulnerability in the CGI program of Zyxel VMG3312-T20A firmware version 5.30...
High | Unreviewed | CVE-2022-26413 was published Apr 12, 2022

In Citrix XenMobile Server through 10.12 RP9, there is an Authenticated Command Injection...
High | Unreviewed | CVE-2021-44520 was published Apr 14, 2022

An authenticated user may be able to misuse parameters to inject arbitrary operating system...
High | Unreviewed | CVE-2022-0999 was published Apr 12, 2022

OS command injection vulnerability exists in CENTUM VP R4.01.00 to R4.03.00, CENTUM VP Small R4...
High | Unreviewed | CVE-2022-27188 was published Apr 16, 2022

Zoho ManageEngine ADSelfService Plus before 6122 allows an authenticated user to achieve remote...
High | Unreviewed | CVE-2022-28810 was published Apr 19, 2022

A vulnerability in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow an...
High | Unreviewed | CVE-2021-1448 was published May 24, 2022

Prima Systems FlexAir devices allow Authenticated Command Injection resulting in Root Remote Code...
High | Unreviewed | CVE-2019-7670 was published May 24, 2022

An exploitable vulnerability exists in the notifications functionality of Circle with Disney...
High | Unreviewed | CVE-2017-2917 was published May 13, 2022

An OS Command Injection vulnerability in the PAN-OS management interface that allows...
High | Unreviewed | CVE-2020-2038 was published May 24, 2022

An exploitable command injection vulnerability exists in the web management interface used by the...
High | Unreviewed | CVE-2017-2845 was published May 13, 2022

In the web management interface in Foscam C1 Indoor HD Camera running application firmware 2.52.2...
High | Unreviewed | CVE-2017-2842 was published May 13, 2022

In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2...
High | Unreviewed | CVE-2017-2844 was published May 13, 2022

An exploitable command injection vulnerability exists in the web management interface used by the...
High | Unreviewed | CVE-2017-2832 was published May 13, 2022

An exploitable command injection vulnerability exists in the web management interface used by the...
High | Unreviewed | CVE-2017-2827 was published May 13, 2022

vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on...
High | Unreviewed | CVE-2011-2523 was published Apr 22, 2022

In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2...
High | Unreviewed | CVE-2017-2848 was published May 13, 2022

An exploitable command injection vulnerability exists in the web management interface used by the...
High | Unreviewed | CVE-2017-2841 was published May 13, 2022

An exploitable command injection vulnerability exists in the web management interface used by the...
High | Unreviewed | CVE-2017-2833 was published May 13, 2022

An exploitable command injection vulnerability exists in the web management interface used by the...
High | Unreviewed | CVE-2017-2828 was published May 13, 2022

OS Command Injection in Jenkins
High | CVE-2017-1000393 was published for org.jenkins-ci.main:jenkins-core (Maven) May 14, 2022

In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2...
High | Unreviewed | CVE-2017-2849 was published May 13, 2022

ProTip! Advisories are also available from the GraphQL API.