Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,285
Erlang
31
GitHub Actions
21
Go
2,057
Maven
5,000+
npm
3,742
NuGet
668
pip
3,422
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,974 advisories

Loading
In the web management interface in Foscam C1 Indoor HD Camera running application firmware 2.52.2... High Unreviewed
CVE-2017-2843 was published May 13, 2022
An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE... High Unreviewed
CVE-2018-4021 was published May 13, 2022
An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE... High Unreviewed
CVE-2018-4020 was published May 13, 2022
In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2... High Unreviewed
CVE-2017-2846 was published May 13, 2022
An exploitable command injection vulnerability exists in the web management interface used by the... High Unreviewed
CVE-2017-2873 was published May 13, 2022
In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2... High Unreviewed
CVE-2017-2850 was published May 13, 2022
In the web management interface in Foscam C1 Indoor HD cameras with application firmware 2.52.2... High Unreviewed
CVE-2017-2847 was published May 13, 2022
An exploitable command injection vulnerability exists in the way Netgate pfSense CE 2.4.4-RELEASE... High Unreviewed
CVE-2018-4019 was published May 13, 2022
rConfig 3.9.4 and earlier allows authenticated code execution (of system commands) by sending a... High Unreviewed
CVE-2020-13778 was published May 24, 2022
Improper neutralization of special elements used in an OS command in Nagios XI 5.7.3 allows a... High Unreviewed
CVE-2020-5791 was published May 24, 2022
react-dev-utils on Windows vulnerable to Remote Code Execution High
CVE-2018-6342 was published for react-dev-utils (npm) Jan 4, 2019
A command Injection Vulnerability in McAfee Agent (MA) for Windows prior to 5.7.5 allows local... High Unreviewed
CVE-2021-31854 was published Jan 20, 2022
A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate... High Unreviewed
CVE-2020-0646 was published May 24, 2022
In Vim before 8.1.0881, users can circumvent the rvim restricted mode and execute arbitrary OS... High Unreviewed
CVE-2019-20807 was published May 24, 2022
A command injection vulnerability in the sandcat plugin of Caldera 2.3.1 and earlier allows... High Unreviewed
CVE-2020-19907 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W,... High Unreviewed
CVE-2021-1148 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016,... High Unreviewed
CVE-2021-1317 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W,... High Unreviewed
CVE-2021-1149 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016,... High Unreviewed
CVE-2021-1316 was published May 24, 2022
OS Command Injection in lifion-verify-deps High
CVE-2021-34078 was published for lifion-verify-deps (npm) Jun 3, 2022
A argument injection vulnerability in the 'packet-trace' CLI command of Zyxel USG/ZyWALL series... High Unreviewed
CVE-2022-26532 was published May 25, 2022
On Netshield NANO 25 10.2.18 devices, /usr/local/webmin/System/manual_ping.cgi allows OS command... High Unreviewed
CVE-2021-3149 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016,... High Unreviewed
CVE-2021-1314 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016,... High Unreviewed
CVE-2021-1315 was published May 24, 2022
Sage X3 System CHAINE Variable Script Command Injection. An authenticated user with developer... High Unreviewed
CVE-2020-7389 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database