GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,740
Composer 4,239
Erlang 31
GitHub Actions 21
Go 2,007
Maven 5,196
npm 3,716
NuGet 662
pip 3,388
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,795

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

287 advisories

Filter by severity

Sort by

Least recently updated

Rostelecom CS-C2SHW 5.0.082.1 is affected by: Bash command injection. The camera reads... Moderate Unreviewed

CVE-2020-27542 was published May 24, 2022

Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... Moderate Unreviewed

CVE-2020-35790 was published May 24, 2022

Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... Moderate Unreviewed

CVE-2020-35791 was published May 24, 2022

Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... Moderate Unreviewed

CVE-2020-35792 was published May 24, 2022

Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... Moderate Unreviewed

CVE-2020-35793 was published May 24, 2022

Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... Moderate Unreviewed

CVE-2020-35794 was published May 24, 2022

Some Huawei products have a command injection vulnerability. Due to insufficient input validation... Moderate Unreviewed

CVE-2020-9127 was published May 24, 2022

Several potential command injections vulnerabilities exist in the AT command interface of ALEOS... Moderate Unreviewed

CVE-2019-11853 was published May 24, 2022

Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability... Moderate Unreviewed

CVE-2019-17101 was published May 24, 2022

iCatch DVR do not validate function parameter properly, resulting attackers executing arbitrary... Moderate Unreviewed

CVE-2020-10514 was published May 24, 2022

The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a... Moderate Unreviewed

CVE-2020-6811 was published May 24, 2022

In GraphicsMagick before 1.3.32, the text filename component allows remote attackers to read... Moderate Unreviewed

CVE-2019-12921 was published May 24, 2022

cPanel before 64.0.21 allows demo accounts to execute Cpanel::SPFUI API commands (SEC-246). Moderate Unreviewed

CVE-2017-18442 was published May 24, 2022

cPanel before 11.54.0.4 allows certain file-chmod operations in scripts/secureit (SEC-82). Moderate Unreviewed

CVE-2016-10849 was published May 24, 2022

Xiaomi Stock Browser 10.2.4.g on Xiaomi Redmi Note 5 Pro devices and other Redmi Android phones... Moderate Unreviewed

CVE-2018-20523 was published May 24, 2022

The web interface in BitTorrent allows remote attackers to execute arbitrary commands by... Moderate Unreviewed

CVE-2014-8515 was published May 17, 2022

cgi-bin/iptablesgui.cgi in IPCop (aka IPCop Firewall) before 2.1.5 allows remote authenticated... Moderate Unreviewed

CVE-2013-7418 was published May 17, 2022

Common LaTeX Service Interface (CLSI) before 0.1.3, as used in ShareLaTeX before 0.1.3, allows... Moderate Unreviewed

CVE-2015-0934 was published May 17, 2022

cloner.functions.php in the XCloner plugin 3.1.2 for WordPress allows remote authenticated users... Moderate Unreviewed

CVE-2015-4336 was published May 17, 2022

rubygem-openshift-origin-console in Red Hat OpenShift 2.2 allows remote authenticated users to... Moderate Unreviewed

CVE-2015-5274 was published May 17, 2022

Zenoss Core through 5 Beta 3 does not require a password for modifying the pager command string,... Moderate Unreviewed

CVE-2014-6260 was published May 17, 2022

Watchguard XCS 9.2 and 10.0 before build 150522 allow remote authenticated users to execute... Moderate Unreviewed

CVE-2015-5453 was published May 17, 2022

The management console on the Symantec Web Gateway (SWG) appliance before 5.2.2 allows remote... Moderate Unreviewed

CVE-2014-7285 was published May 17, 2022

Bugzilla before 4.0.16, 4.1.x and 4.2.x before 4.2.12, 4.3.x and 4.4.x before 4.4.7, and 5.x... Moderate Unreviewed

CVE-2014-8630 was published May 17, 2022

An issue was discovered in Tesla Motors Model S automobile, all firmware versions before version... Moderate Unreviewed

CVE-2016-9337 was published May 17, 2022

Previous 1 2 … 6 7 8 9 10 11 12 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

287 advisories