Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,869
Erlang
29
GitHub Actions
16
Go
1,717
Maven
4,951
npm
3,480
NuGet
605
pip
3,026
Pub
10
RubyGems
832
Rust
776
Swift
34
Unreviewed advisories
All unreviewed
5,000+

2,859 advisories

This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2020-15430 was published May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2020-15606 was published May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2020-15608 was published May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2020-15429 was published May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2020-15607 was published May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2020-15611 was published May 24, 2022
This vulnerability allows remote attackers to execute arbitrary code on affected installations of... High Unreviewed
CVE-2020-15614 was published May 24, 2022
MAHO-PBX NetDevancer Lite/Uni/Pro/Cloud prior to Ver.1.11.00, MAHO-PBX NetDevancer VSG Lite/Uni... Critical Unreviewed
CVE-2023-22279 was published Jan 17, 2023
MAHO-PBX NetDevancer Lite/Uni/Pro/Cloud prior to Ver.1.11.00, MAHO-PBX NetDevancer VSG Lite/Uni... High Unreviewed
CVE-2023-22280 was published Jan 17, 2023
Command Injection in CasaOS Critical
CVE-2022-24193 was published for github.com/IceWhaleTech/CasaOS (Go) Mar 11, 2022
UUNIVERGE WA 1020 Ver8.2.11 and prior, UNIVERGE WA 1510 Ver8.2.11 and prior, UNIVERGE WA 1511... Critical Unreviewed
CVE-2022-25621 was published Mar 12, 2022
Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the wps... Critical Unreviewed
CVE-2022-26998 was published Mar 17, 2022
Arris TR3300 v1.0.13 were discovered to contain a command injection vulnerability in the ddns... Critical Unreviewed
CVE-2022-27002 was published Mar 17, 2022
Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the pppoe... Critical Unreviewed
CVE-2022-26996 was published Mar 17, 2022
Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the pptp ... Critical Unreviewed
CVE-2022-26995 was published Mar 17, 2022
Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the upnp... Critical Unreviewed
CVE-2022-26997 was published Mar 17, 2022
Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the time and... Critical Unreviewed
CVE-2022-27000 was published Mar 17, 2022
Arris TR3300 v1.0.13 was discovered to contain a command injection vulnerability in the static ip... Critical Unreviewed
CVE-2022-26999 was published Mar 17, 2022
Arris TR3300 v1.0.13 were discovered to contain a command injection vulnerability in the dhcp... Critical Unreviewed
CVE-2022-27001 was published Mar 17, 2022
Cisco TelePresence Manager 1.2.x through 1.6.x allows remote attackers to perform unspecified... High Unreviewed
CVE-2011-0381 was published May 17, 2022
The CGI scripts in HP OpenView Network Node Manager (OV NNM) 7.51 and 7.53 do not properly... High Unreviewed
CVE-2011-0271 was published May 17, 2022
Command injection vulnerability in Linksys MR8300 router while Registration to DDNS Service. By... High Unreviewed
CVE-2022-38132 was published Aug 25, 2022
Code injection in npm git Moderate
CVE-2021-23632 was published for git (npm) Mar 18, 2022
** UNSUPPORTED WHEN ASSIGNED ** Improper neutralization of Special Elements leading to OS Command... Critical Unreviewed
CVE-2022-22273 was published Mar 18, 2022
VMware Carbon Black App Control (8.5.x prior to 8.5.14, 8.6.x prior to 8.6.6, 8.7.x prior to 8.7... Critical Unreviewed
CVE-2022-22951 was published Mar 24, 2022
ProTip! Advisories are also available from the GraphQL API