GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,653
Erlang
29
GitHub Actions
16
Go
1,706
Maven
4,938
npm
3,471
NuGet
603
pip
2,985
Pub
10
RubyGems
826
Rust
772
Swift
34
Unreviewed advisories
All unreviewed
5,000+
1,998 advisories
Filter by severity
Command Injection in @ronomon/opened
Critical
CVE-2021-29300
was published
for
@ronomon/opened
(npm)
Jun 8, 2021
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the firewallen parameter in...
Critical
Unreviewed
CVE-2022-25434
was published
Mar 19, 2022
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the...
Critical
Unreviewed
CVE-2022-25437
was published
Mar 19, 2022
Tenda AC9 v15.03.2.21 was discovered to contain multiple stack overflows via the NPTR, V12, V10...
Critical
Unreviewed
CVE-2022-25431
was published
Mar 19, 2022
Tenda AC9 v15.03.2.21 was discovered to contain a remote command execution (RCE) vulnerability...
Critical
Unreviewed
CVE-2022-25438
was published
Mar 19, 2022
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the ntpserver parameter in...
Critical
Unreviewed
CVE-2022-25440
was published
Mar 19, 2022
Tenda AC9 v15.03.2.21 was discovered to contain a buffer overflow via the time parameter in the...
Critical
Unreviewed
CVE-2022-25429
was published
Mar 19, 2022
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the urls parameter in the...
Critical
Unreviewed
CVE-2022-25433
was published
Mar 19, 2022
Remote Code Execution in Contao Managed Edition
Critical
CVE-2022-26265
was published
for
contao/managed-edition
(Composer)
Mar 20, 2022
TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a command injection...
Critical
Unreviewed
CVE-2022-26189
was published
Mar 23, 2022
TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a command injection...
Critical
Unreviewed
CVE-2022-26186
was published
Mar 23, 2022
Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by unauthenticated command injection....
Critical
Unreviewed
CVE-2021-45876
was published
Mar 22, 2022
DWSurvey v3.2.0 was discovered to contain a remote command execution (RCE) vulnerability via the...
Critical
Unreviewed
CVE-2021-39383
was published
Mar 22, 2022
ZZZCMS zzzphp v2.1.0 was discovered to contain a remote command execution (RCE) vulnerability via...
Critical
Unreviewed
CVE-2022-23881
was published
Mar 24, 2022
Tenda AC9 v15.03.2.21 was discovered to contain a remote command execution (RCE) vulnerability...
Critical
Unreviewed
CVE-2022-25441
was published
Mar 19, 2022
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the deviceId parameter in...
Critical
Unreviewed
CVE-2022-25428
was published
Mar 19, 2022
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the...
Critical
Unreviewed
CVE-2022-25435
was published
Mar 19, 2022
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the schedendtime parameter...
Critical
Unreviewed
CVE-2022-25427
was published
Mar 19, 2022
The snaptPowered2 component of Snapt Aria v12.8 was discovered to contain a command injection...
High
Unreviewed
CVE-2022-24237
was published
Mar 22, 2022
Okta Advanced Server Access Client for Linux and macOS prior to version 1.58.0 was found to be...
High
Unreviewed
CVE-2022-1030
was published
Mar 24, 2022
TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a command injection...
Critical
Unreviewed
CVE-2022-26188
was published
Mar 23, 2022
TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a command injection...
Critical
Unreviewed
CVE-2022-26187
was published
Mar 23, 2022
An issue was discovered in Pascom Cloud Phone System before 7.20.x. In the management REST API, ...
Critical
Unreviewed
CVE-2021-45966
was published
Mar 19, 2022
ProTip!
Advisories are also available from the
GraphQL API