GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,655
Maven: 5,000+
npm: 4,284
NuGet: 760
pip: 4,067
Pub: 12
RubyGems: 957
Rust: 1,057
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
3,013 advisories
[Moderate] Arbitrary code execution in kill-by-port: CVE-2021-23363 was published for kill-by-port (npm), Apr 13, 2021
[Critical] Command Injection in ffmpegdotjs: CVE-2021-23376 was published for ffmpegdotjs (npm), May 6, 2021
[Critical] Command Injection in ps-visitor: CVE-2021-23374 was published for ps-visitor (npm), May 7, 2021
[Critical] Command Injection in onion-oled-js: CVE-2021-23377 was published for onion-oled-js (npm), May 7, 2021
[Critical] Code injection in kill-process-by-name: CVE-2021-23356 was published for kill-process-by-name (npm), Mar 19, 2021
[Critical] Command injection in launchpad: CVE-2021-23330 was published for launchpad (npm), Apr 13, 2021
[Critical, Unreviewed] Totolink A830R V5.9c.4729_B20191112, A3100R V4.1.2cu.5050_B20200504, A950RG V4.1.2cu...: CVE-2022-26211 was published Mar 17, 2022
[Critical, Unreviewed] Totolink A830R V5.9c.4729_B20191112, A3100R V4.1.2cu.5050_B20200504, A950RG V4.1.2cu...: CVE-2022-26208 was published Mar 17, 2022
[Critical, Unreviewed] Totolink A830R V5.9c.4729_B20191112, A3100R V4.1.2cu.5050_B20200504, A950RG V4.1.2cu...: CVE-2022-26214 was published Mar 17, 2022
[Critical, Unreviewed] Totolink A830R V5.9c.4729_B20191112, A3100R V4.1.2cu.5050_B20200504, A950RG V4.1.2cu...: CVE-2022-26209 was published Mar 17, 2022
[Critical, Unreviewed] Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were...: CVE-2022-26993 was published Mar 17, 2022
[Critical, Unreviewed] Totolink A830R V5.9c.4729_B20191112, A3100R V4.1.2cu.5050_B20200504, A950RG V4.1.2cu...: CVE-2022-26212 was published Mar 17, 2022
[Critical, Unreviewed] Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were...: CVE-2022-26991 was published Mar 17, 2022
[Critical, Unreviewed] Totolink X5000R_Firmware v9.1.0u.6118_B20201102 was discovered to contain a command injection...: CVE-2022-26213 was published Mar 17, 2022
[Critical, Unreviewed] Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were...: CVE-2022-26990 was published Mar 17, 2022
[Critical, Unreviewed] Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were...: CVE-2022-26994 was published Mar 17, 2022
[Critical, Unreviewed] Totolink A830R V5.9c.4729_B20191112, A3100R V4.1.2cu.5050_B20200504, A950RG V4.1.2cu...: CVE-2022-26207 was published Mar 17, 2022
[Critical, Unreviewed] Totolink A830R V5.9c.4729_B20191112, A3100R V4.1.2cu.5050_B20200504, A950RG V4.1.2cu...: CVE-2022-26210 was published Mar 17, 2022
[Critical, Unreviewed] Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were...: CVE-2022-26992 was published Mar 17, 2022
[Critical, Unreviewed] Totolink A830R V5.9c.4729_B20191112, A3100R V4.1.2cu.5050_B20200504, A950RG V4.1.2cu...: CVE-2022-26206 was published Mar 17, 2022
[Critical, Unreviewed] A Command Injection vulnerability exists in TOTOLINK A3100R <=V4.1.2cu.5050_B20200504 in adm/ntm...: CVE-2021-44620 was published Mar 12, 2022
[High, Unreviewed] In ims service, there is a possible AT command injection due to a missing permission check. This...: CVE-2022-20054 was published Mar 11, 2022
[Critical] festivaltts4r allows arbitrary command execution: CVE-2016-10194 was published for festivaltts4r (RubyGems), Oct 24, 2017
[Critical] active-support impersonates 'activesupport' gem: CVE-2018-3779 was published for active-support (RubyGems), Aug 13, 2018
ProTip! Advisories are also available from the GraphQL API.