GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,656
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
917 advisories
Filter by severity
A command injection vulnerability in the API of the Wavlink WL-WN531P3 router, version M31G3...
Critical
Unreviewed
CVE-2022-23900
was published
Apr 8, 2022
A Remote Command Injection vulnerability exists in DrayTek Vigor 2960 1.5.1.3, DrayTek Vigor 3900...
Critical
Unreviewed
CVE-2021-43118
was published
Mar 30, 2022
D-Link DIR-816 A2 1.10 B05 allows unauthenticated attackers to arbitrarily reset the device via a...
Critical
Unreviewed
CVE-2021-31326
was published
Mar 25, 2022
TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a command injection...
Critical
Unreviewed
CVE-2022-26187
was published
Mar 23, 2022
An issue was discovered in Pascom Cloud Phone System before 7.20.x. In the management REST API, ...
Critical
Unreviewed
CVE-2021-45966
was published
Mar 19, 2022
TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a command injection...
Critical
Unreviewed
CVE-2022-26188
was published
Mar 23, 2022
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the deviceId parameter in...
Critical
Unreviewed
CVE-2022-25428
was published
Mar 19, 2022
ZZZCMS zzzphp v2.1.0 was discovered to contain a remote command execution (RCE) vulnerability via...
Critical
Unreviewed
CVE-2022-23881
was published
Mar 24, 2022
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the schedendtime parameter...
Critical
Unreviewed
CVE-2022-25427
was published
Mar 19, 2022
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the...
Critical
Unreviewed
CVE-2022-25435
was published
Mar 19, 2022
Tenda AC9 v15.03.2.21 was discovered to contain a remote command execution (RCE) vulnerability...
Critical
Unreviewed
CVE-2022-25441
was published
Mar 19, 2022
Multiple versions of GARO Wallbox GLB/GTB/GTC are affected by unauthenticated command injection....
Critical
Unreviewed
CVE-2021-45876
was published
Mar 22, 2022
TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a command injection...
Critical
Unreviewed
CVE-2022-26189
was published
Mar 23, 2022
Remote Code Execution in Contao Managed Edition
Critical
CVE-2022-26265
was published
for
contao/managed-edition
(Composer)
Mar 20, 2022
DWSurvey v3.2.0 was discovered to contain a remote command execution (RCE) vulnerability via the...
Critical
Unreviewed
CVE-2021-39383
was published
Mar 22, 2022
TOTOLINK N600R V4.3.0cu.7570_B20200620 was discovered to contain a command injection...
Critical
Unreviewed
CVE-2022-26186
was published
Mar 23, 2022
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the urls parameter in the...
Critical
Unreviewed
CVE-2022-25433
was published
Mar 19, 2022
Tenda AC9 v15.03.2.21 was discovered to contain a buffer overflow via the time parameter in the...
Critical
Unreviewed
CVE-2022-25429
was published
Mar 19, 2022
Tenda AC9 v15.03.2.21 was discovered to contain multiple stack overflows via the NPTR, V12, V10...
Critical
Unreviewed
CVE-2022-25431
was published
Mar 19, 2022
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the ntpserver parameter in...
Critical
Unreviewed
CVE-2022-25440
was published
Mar 19, 2022
Tenda AC9 v15.03.2.21 was discovered to contain a remote command execution (RCE) vulnerability...
Critical
Unreviewed
CVE-2022-25438
was published
Mar 19, 2022
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the firewallen parameter in...
Critical
Unreviewed
CVE-2022-25434
was published
Mar 19, 2022
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the...
Critical
Unreviewed
CVE-2022-25437
was published
Mar 19, 2022
Command Injection in @ronomon/opened
Critical
CVE-2021-29300
was published
for
@ronomon/opened
(npm)
Jun 8, 2021
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the...
Critical
Unreviewed
CVE-2022-25439
was published
Mar 19, 2022
ProTip!
Advisories are also available from the
GraphQL API