GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,293 advisories
Synology Photo Station before 6.3-2958 allows remote authenticated guest users to execute...
High
Unreviewed
CVE-2016-10322 was published May 17, 2022
The fix_lookup_id function in sealert in setroubleshoot before 3.2.23 allows local users to...
High
Unreviewed
CVE-2016-4445 was published May 17, 2022
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameter...
Critical
Unreviewed
CVE-2022-35525 was published Aug 11, 2022
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 api.cgi has no filtering on parameter ufconf...
Critical
Unreviewed
CVE-2022-35520 was published Aug 11, 2022
WAVLINK WN572HP3, WN533A8, WN530H4, WN535G3, WN531P3 adm.cgi has no filtering on parameters:...
Critical
Unreviewed
CVE-2022-35522 was published Aug 11, 2022
A crafted configuration packet sent by an authenticated administrative user can be used to...
High
Unreviewed
CVE-2021-23862 was published Dec 9, 2021
Tenda AX1803 v1.0.0.1_2890 was discovered to contain a command injection vulnerability via the...
Critical
Unreviewed
CVE-2022-34595 was published Jul 7, 2022
A command injection vulnerability in Juniper Networks NorthStar Controller Application prior to...
Moderate
Unreviewed
CVE-2017-2324 was published May 17, 2022
Totolink A830R V5.9c.4729_B20191112, Totolink A3100R V4.1.2cu.5050_B20200504, Totolink A950RG V4...
High
Unreviewed
CVE-2022-28935 was published Jul 7, 2022
An access control issue in Ingredient Stock Management System v1.0 allows attackers to take over...
Critical
Unreviewed
CVE-2022-32310 was published Jul 6, 2022
Tenda AX1806 v1.0.0.1 was discovered to contain a command injection vulnerability via the...
Critical
Unreviewed
CVE-2022-34597 was published Jul 7, 2022
Command Injection vulnerability in the web interface in McAfee Advanced Threat Defense (ATD) 3.10...
High
Unreviewed
CVE-2017-4054 was published May 17, 2022
VMware Horizon View Client (2.x, 3.x and 4.x prior to 4.5.0) contains a command injection...
Critical
Unreviewed
CVE-2017-4918 was published May 17, 2022
default-rsyncssh.lua in Lsyncd 2.1.5 and earlier allows remote attackers to execute arbitrary...
High
Unreviewed
CVE-2014-8990 was published May 17, 2022
Array Networks AG/vxAG with ArrayOS AG before 9.4.0.469 allows unauthenticated command injection...
Critical
Unreviewed
CVE-2022-42897 was published Oct 13, 2022
piwigo 11.5.0 is affected by a remote code execution (RCE) vulnerability in the LocalFiles Editor.
High
Unreviewed
CVE-2021-40553 was published Jun 29, 2022
Tenda AX1803 v1.0.0.1_2890 was discovered to contain a command injection vulnerability via the...
Critical
Unreviewed
CVE-2022-34596 was published Jul 7, 2022
D-Link DIR-645 v1.03 was discovered to contain a command injection vulnerability via the...
Critical
Unreviewed
CVE-2022-32092 was published Jun 28, 2022
EMC Documentum D2 version 4.5 and EMC Documentum D2 version 4.6 has a DQL Injection Vulnerability...
Moderate
Unreviewed
CVE-2016-9873 was published May 17, 2022
Dashboards in Splunk Enterprise versions before 9.0 might let an attacker inject risky search...
High
Unreviewed
CVE-2022-32154 was published Jun 16, 2022
By executing a special command, a user with administrative rights can get access to extended...
Moderate
Unreviewed
CVE-2021-23861 was published Dec 9, 2021
In Green Packet DX-350 Firmware version v2.8.9.5-g1.4.8-atheeb, the "PING" (aka tag_ipPing)...
Critical
Unreviewed
CVE-2017-9980 was published May 17, 2022
ASUS RT-N53 3.0.0.4.376.3754 has a command injection vulnerability in the SystemCmd parameter of...
Critical
Unreviewed
CVE-2022-31874 was published Jun 18, 2022
Tenda AC18 router V15.03.05.19 and V15.03.05.05 was discovered to contain a remote code execution...
Critical
Unreviewed
CVE-2022-31446 was published Jun 15, 2022
scripts/license.pl in Veritas NetBackup Appliance 2.6.0.x through 2.6.0.4, 2.6.1.x through 2.6.1...
Critical
Unreviewed
CVE-2016-7399 was published May 17, 2022
ProTip! Advisories are also available from the GraphQL API