GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,079 advisories
Filter by severity
High severity vulnerability that affects indico
High
GHSA-67cx-rhhq-mfhq
was published
for
indico
(pip)
Oct 11, 2019
Potential Command Injection in codem-transcode
High
CVE-2013-7377
was published
for
codem-transcode
(npm)
Nov 28, 2017
Command Injection in cocos-utils
High
GHSA-rffp-mc78-wjf7
was published
for
cocos-utils
(npm)
Sep 2, 2020
Unauthenticated Remote Command Injection in ep_imageconvert
High
CVE-2013-3364
was published
for
ep_imageconvert
(npm)
Aug 31, 2020
Command Injection in expressfs
High
GHSA-mxmj-84q8-34r7
was published
for
expressfs
(npm)
Sep 3, 2020
Command Injection in soletta-dev-app
High
GHSA-8mgg-5x65-m4m4
was published
for
soletta-dev-app
(npm)
Sep 11, 2020
Command Injection in entitlements
High
GHSA-g8vp-6hv4-m67c
was published
for
entitlements
(npm)
Sep 11, 2020
Improper sanitization of branch names in GitLab Runner affecting all versions prior to 15.3.5, 15...
High
Unreviewed
CVE-2022-2251
was published
Jan 17, 2023
In ims service, there is a possible AT command injection due to a missing permission check. This...
High
Unreviewed
CVE-2022-20054
was published
Mar 11, 2022
Okta Advanced Server Access Client for Linux and macOS prior to version 1.58.0 was found to be...
High
Unreviewed
CVE-2022-1030
was published
Mar 24, 2022
The snaptPowered2 component of Snapt Aria v12.8 was discovered to contain a command injection...
High
Unreviewed
CVE-2022-24237
was published
Mar 22, 2022
Improper neutralization of special elements used in a command ('Command Injection') vulnerability...
High
Unreviewed
CVE-2022-22688
was published
Mar 26, 2022
Multiple improper neutralization of special elements used in a command vulnerabilities [CWE-77]...
High
Unreviewed
CVE-2021-36180
was published
Dec 9, 2021
ProTip!
Advisories are also available from the
GraphQL API