GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
955 advisories
Filter by severity
Potential Command Injection in printer
Critical
CVE-2014-3741
was published
for
printer
(npm)
Nov 28, 2017
Critical severity vulnerability that affects Haraka
Critical
CVE-2016-1000282
was published
for
Haraka
(npm)
Feb 12, 2019
Command Injection in samsung-remote
Critical
GHSA-xhjx-mfr6-9rr4
was published
for
samsung-remote
(npm)
Sep 1, 2020
Command Injection in gnuplot
Critical
GHSA-cfwc-xjfp-44jg
was published
for
gnuplot
(npm)
Sep 4, 2020
Command Injection in npm-git-publish
Critical
GHSA-49mg-94fc-2fx6
was published
for
npm-git-publish
(npm)
Sep 4, 2020
Command Injection in node-wifi
Critical
GHSA-4x6x-782q-jfc4
was published
for
node-wifi
(npm)
Sep 3, 2020
Command Injection in meta-git
Critical
GHSA-qcff-ffx3-m25c
was published
for
meta-git
(npm)
Sep 4, 2020
Command Injection in traceroute
Critical
GHSA-rjvj-673q-4hfw
was published
for
traceroute
(npm)
Sep 4, 2020
Command Injection in priest-runner
Critical
GHSA-9px9-f7jw-fwhj
was published
for
priest-runner
(npm)
Sep 3, 2020
Command Injection in plotter
Critical
GHSA-65xx-c85x-wg76
was published
for
plotter
(npm)
Sep 4, 2020
Command Injection in bestzip
Critical
GHSA-4qqc-mp5f-ccv4
was published
for
bestzip
(npm)
Sep 2, 2020
active-support impersonates 'activesupport' gem
Critical
CVE-2018-3779
was published
for
active-support
(RubyGems)
Aug 13, 2018
festivaltts4r allows arbitrary command execution
Critical
CVE-2016-10194
was published
for
festivaltts4r
(RubyGems)
Oct 24, 2017
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection...
Critical
Unreviewed
CVE-2022-48123
was published
Jan 20, 2023
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection...
Critical
Unreviewed
CVE-2022-48126
was published
Jan 20, 2023
A Command Injection vulnerability exits in TOTOLINK A3100R <=V4.1.2cu.5050_B20200504 in adm/ntm...
Critical
Unreviewed
CVE-2021-44620
was published
Mar 12, 2022
Totolink A830R V5.9c.4729_B20191112, A3100R V4.1.2cu.5050_B20200504, A950RG V4.1.2cu...
Critical
Unreviewed
CVE-2022-26206
was published
Mar 17, 2022
Totolink A830R V5.9c.4729_B20191112, A3100R V4.1.2cu.5050_B20200504, A950RG V4.1.2cu...
Critical
Unreviewed
CVE-2022-26210
was published
Mar 17, 2022
Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were...
Critical
Unreviewed
CVE-2022-26992
was published
Mar 17, 2022
ProTip!
Advisories are also available from the
GraphQL API