GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,285
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,741
NuGet
668
pip
3,422
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,974 advisories
Filter by severity
codecov NPM module allows remote attackers to execute arbitrary commands
High
CVE-2020-7597
was published
for
codecov
(npm)
Feb 19, 2020
Electron protocol handler browser vulnerable to Command Injection
High
CVE-2018-1000118
was published
for
electron
(npm)
Mar 26, 2018
OS Command Injection in craftercms:crafter-studio
High
CVE-2018-19907
was published
for
org.craftercms:crafter-studio
(Maven)
Dec 19, 2018
Remote Code Execution in electron
High
CVE-2018-1000006
was published
for
electron
(npm)
Jan 23, 2018
Command Injection in git-tags-remote
High
GHSA-gm9x-q798-hmr4
was published
for
git-tags-remote
(npm)
Jul 29, 2020
Exposure of server configuration in github.com/go-vela/server
High
CVE-2020-26294
was published
for
github.com/go-vela/compiler
(Go)
Feb 15, 2022
Certain TP-Link devices allow Command Injection. This affects NC200 2.1.9 build 200225, NC210 1.0...
High
Unreviewed
CVE-2020-12109
was published
May 24, 2022
NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can inject...
High
Unreviewed
CVE-2022-42279
was published
Jan 13, 2023
NVIDIA BMC contains a vulnerability in SPX REST API, where an authorized attacker can inject...
High
Unreviewed
CVE-2022-42290
was published
Jan 13, 2023
There is an OS Command Injection in Mida eFramework through 2.9.0 that allows an attacker to...
High
Unreviewed
CVE-2020-15920
was published
May 24, 2022
InHand Networks InRouter 302, prior to version IR302 V3.5.56, and InRouter 615, prior to version...
High
Unreviewed
CVE-2023-22598
was published
Jan 13, 2023
Artica Web Proxy 4.30.000000 allows an authenticated remote attacker to inject commands via the...
High
Unreviewed
CVE-2020-17505
was published
May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High
Unreviewed
CVE-2020-15420
was published
May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High
Unreviewed
CVE-2020-15426
was published
May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High
Unreviewed
CVE-2020-15613
was published
May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High
Unreviewed
CVE-2020-15433
was published
May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High
Unreviewed
CVE-2020-15610
was published
May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High
Unreviewed
CVE-2020-15432
was published
May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High
Unreviewed
CVE-2020-15424
was published
May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High
Unreviewed
CVE-2020-15427
was published
May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High
Unreviewed
CVE-2020-15434
was published
May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High
Unreviewed
CVE-2020-15423
was published
May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High
Unreviewed
CVE-2020-15422
was published
May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of...
High
Unreviewed
CVE-2020-15435
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API