Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

3,328 advisories

Loading
Shell Metacharacter Injection in kelredd-pruview Critical
CVE-2013-1947 was published for kelredd-pruview (RubyGems) Oct 24, 2017
Cocaine Gem OS Command Injection vulnerability Moderate
CVE-2013-4457 was published for cocaine (RubyGems) Oct 24, 2017
Creme Fraiche contains OS Command Injection Critical
CVE-2013-2090 was published for cremefraiche (RubyGems) Oct 24, 2017
Remote Code Execution in electron High
CVE-2018-1000006 was published for electron (npm) Jan 23, 2018
Electron protocol handler browser vulnerable to Command Injection High
CVE-2018-1000118 was published for electron (npm) Mar 26, 2018
Command Injection in pdfinfojs Critical
CVE-2018-3746 was published for pdfinfojs (npm) Jun 7, 2018
Growl before 1.10.0 vulnerable to Command Injection Critical
CVE-2017-16042 was published for growl (npm) Jun 8, 2018
Command Injection in git-dummy-commit Critical
CVE-2018-3785 was published for git-dummy-commit (npm) Aug 21, 2018
Command Injection in macaddress Critical
CVE-2018-13797 was published for macaddress (npm) Sep 6, 2018
Command Injection in egg-scripts Critical
CVE-2018-3786 was published for egg-scripts (npm) Sep 17, 2018
tdunlap607
ps Enables OS Command Injection Critical
CVE-2018-16460 was published for ps (npm) Sep 17, 2018
conference-scheduler-cli Arbitrary Code Execution High
CVE-2018-14572 was published for conference-scheduler-cli (pip) Oct 29, 2018
OS Command Injection in craftercms:crafter-studio High
CVE-2018-19907 was published for org.craftercms:crafter-studio (Maven) Dec 19, 2018
react-dev-utils on Windows vulnerable to Remote Code Execution High
CVE-2018-6342 was published for react-dev-utils (npm) Jan 4, 2019
Potential Command Injection in shell-quote Critical
CVE-2016-10541 was published for shell-quote (npm) Feb 18, 2019
Apache Tomcat OS Command Injection vulnerability High
CVE-2019-0232 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Apr 18, 2019
Command Injection in Xstream Critical
CVE-2013-7285 was published for com.thoughtworks.xstream:xstream (Maven) May 29, 2019
mmabdpr MarkLee131
OS Command Injection in MiniMagick High
CVE-2019-13574 was published for mini_magick (RubyGems) Jul 18, 2019
Nokogiri Command Injection Vulnerability Critical
CVE-2019-5477 was published for nokogiri (RubyGems) Aug 19, 2019
tdunlap607
OS Command Injection in Nexus Yum Repository Plugin High
CVE-2019-5475 was published for org.sonatype.nexus.plugins:nexus-yum-repository-plugin (Maven) Sep 11, 2019
Command Injection in gitlabhook Critical
CVE-2019-5485 was published for gitlabhook (npm) Sep 16, 2019
Remote Code Execution Vulnerability in NPM mongo-express Critical
CVE-2019-10758 was published for mongo-express (npm) Dec 30, 2019
JLLeitschuh
OS command injection in git-diff-apply Critical
CVE-2019-10776 was published for git-diff-apply (npm) Feb 14, 2020
OS command injection in aws-lambda Critical
CVE-2019-10777 was published for aws-lambda (npm) Feb 14, 2020
BibTeX-Ruby vulnerable to OS command injection Critical
CVE-2019-10780 was published for bibtex-ruby (RubyGems) Feb 14, 2020
ProTip! Advisories are also available from the GraphQL API