Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,232
Erlang
31
GitHub Actions
20
Go
1,991
Maven
5,000+
npm
3,709
NuGet
661
pip
3,344
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,073 advisories

Loading
Command Injection in fs-git High
CVE-2017-16087 was published for fs-git (npm) May 29, 2019
High severity vulnerability that affects indico High
GHSA-67cx-rhhq-mfhq was published for indico (pip) Oct 11, 2019
Command injection in mversion High
CVE-2020-4059 was published for mversion (npm) Jun 18, 2020
Command Injection in fs-path High
GHSA-gc94-6w89-hpqr was published for fs-path (npm) Jun 12, 2019
Mooninaut
Potential Command Injection in codem-transcode High
CVE-2013-7377 was published for codem-transcode (npm) Nov 28, 2017
Command Injection in cocos-utils High
GHSA-rffp-mc78-wjf7 was published for cocos-utils (npm) Sep 2, 2020
Unauthenticated Remote Command Injection in ep_imageconvert High
CVE-2013-3364 was published for ep_imageconvert (npm) Aug 31, 2020
Command Injection in expressfs High
GHSA-mxmj-84q8-34r7 was published for expressfs (npm) Sep 3, 2020
Command Injection in addax High
GHSA-4q8f-5xxj-946r was published for addax (npm) Sep 3, 2020
Command Injection in soletta-dev-app High
GHSA-8mgg-5x65-m4m4 was published for soletta-dev-app (npm) Sep 11, 2020
Command Injection in strapi High
GHSA-9p2w-rmx4-9mw7 was published for strapi (npm) Sep 4, 2020
Command Injection in treekill High
GHSA-533p-g2hq-qr26 was published for treekill (npm) Sep 4, 2020
Command Injection in tomato High
GHSA-wqhw-frpx-5mmp was published for tomato (npm) Sep 2, 2020
Command Injection in entitlements High
GHSA-g8vp-6hv4-m67c was published for entitlements (npm) Sep 11, 2020
Improper sanitization of branch names in GitLab Runner affecting all versions prior to 15.3.5, 15... High Unreviewed
CVE-2022-2251 was published Jan 17, 2023
In ims service, there is a possible AT command injection due to a missing permission check. This... High Unreviewed
CVE-2022-20054 was published Mar 11, 2022
Command injection in simple-git High
CVE-2022-24433 was published for simple-git (npm) Mar 12, 2022
Command injection in portkiller High
CVE-2021-23379 was published for portkiller (npm) May 6, 2021
Command Injection in psnode High
CVE-2021-23375 was published for psnode (npm) May 6, 2021
Command Injection in killing High
CVE-2021-23381 was published for killing (npm) May 6, 2021
Okta Advanced Server Access Client for Linux and macOS prior to version 1.58.0 was found to be... High Unreviewed
CVE-2022-1030 was published Mar 24, 2022
Command Injection in ungit High
CVE-2022-25766 was published for ungit (npm) Mar 22, 2022
The snaptPowered2 component of Snapt Aria v12.8 was discovered to contain a command injection... High Unreviewed
CVE-2022-24237 was published Mar 22, 2022
Improper neutralization of special elements used in a command ('Command Injection') vulnerability... High Unreviewed
CVE-2022-22688 was published Mar 26, 2022
Multiple improper neutralization of special elements used in a command vulnerabilities [CWE-77]... High Unreviewed
CVE-2021-36180 was published Dec 9, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database