GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,651
Maven: 5,000+
npm: 4,279
NuGet: 760
pip: 4,066
Pub: 12
RubyGems: 957
Rust: 1,057
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
3,013 advisories
ZZZCMS zzzphp v2.1.0 was discovered to contain a remote command execution (RCE) vulnerability via... | Critical | Unreviewed | CVE-2022-23881 was published Mar 24, 2022
The snaptPowered2 component of Snapt Aria v12.8 was discovered to contain a command injection... | High | Unreviewed | CVE-2022-24237 was published Mar 22, 2022
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the schedendtime parameter... | Critical | Unreviewed | CVE-2022-25427 was published Mar 19, 2022
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the... | Critical | Unreviewed | CVE-2022-25435 was published Mar 19, 2022
Tenda AC9 v15.03.2.21 was discovered to contain a remote command execution (RCE) vulnerability... | Critical | Unreviewed | CVE-2022-25441 was published Mar 19, 2022
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the deviceId parameter in... | Critical | Unreviewed | CVE-2022-25428 was published Mar 19, 2022
TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a command injection... | Critical | Unreviewed | CVE-2022-26186 was published Mar 23, 2022
DWSurvey v3.2.0 was discovered to contain a remote command execution (RCE) vulnerability via the... | Critical | Unreviewed | CVE-2021-39383 was published Mar 22, 2022
Remote Code Execution in Contao Managed Edition | Critical | CVE-2022-26265 was published for contao/managed-edition (Composer) Mar 20, 2022
Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by unauthenticated command injection.... | Critical | Unreviewed | CVE-2021-45876 was published Mar 22, 2022
TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a command injection... | Critical | Unreviewed | CVE-2022-26189 was published Mar 23, 2022
Tenda AC9 v15.03.2.21 was discovered to contain a buffer overflow via the time parameter in the... | Critical | Unreviewed | CVE-2022-25429 was published Mar 19, 2022
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the urls parameter in the... | Critical | Unreviewed | CVE-2022-25433 was published Mar 19, 2022
Tenda AC9 v15.03.2.21 was discovered to contain a remote command execution (RCE) vulnerability... | Critical | Unreviewed | CVE-2022-25438 was published Mar 19, 2022
Tenda AC9 v15.03.2.21 was discovered to contain multiple stack overflows via the NPTR, V12, V10... | Critical | Unreviewed | CVE-2022-25431 was published Mar 19, 2022
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the... | Critical | Unreviewed | CVE-2022-25437 was published Mar 19, 2022
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the ntpserver parameter in... | Critical | Unreviewed | CVE-2022-25440 was published Mar 19, 2022
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the firewallen parameter in... | Critical | Unreviewed | CVE-2022-25434 was published Mar 19, 2022
Arbitrary command execution in roar-pidusage | Moderate | CVE-2021-23380 was published for roar-pidusage (npm) May 6, 2021
Command Injection in @ronomon/opened | Critical | CVE-2021-29300 was published for @ronomon/opened (npm) Jun 8, 2021
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the... | Critical | Unreviewed | CVE-2022-25439 was published Mar 19, 2022
Arbitrary code execution in kill-by-port | Moderate | CVE-2021-23363 was published for kill-by-port (npm) Apr 13, 2021
Command Injection in ffmpegdotjs | Critical | CVE-2021-23376 was published for ffmpegdotjs (npm) May 6, 2021
ProTip! Advisories are also available from the GraphQL API.