GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
87 advisories
Filter by severity
Potential Command Injection in printer
Critical
CVE-2014-3741
was published
for
printer
(npm)
Nov 28, 2017
Critical severity vulnerability that affects Haraka
Critical
CVE-2016-1000282
was published
for
Haraka
(npm)
Feb 12, 2019
Command Injection in samsung-remote
Critical
GHSA-xhjx-mfr6-9rr4
was published
for
samsung-remote
(npm)
Sep 1, 2020
Command Injection in gnuplot
Critical
GHSA-cfwc-xjfp-44jg
was published
for
gnuplot
(npm)
Sep 4, 2020
Command Injection in npm-git-publish
Critical
GHSA-49mg-94fc-2fx6
was published
for
npm-git-publish
(npm)
Sep 4, 2020
Command Injection in node-wifi
Critical
GHSA-4x6x-782q-jfc4
was published
for
node-wifi
(npm)
Sep 3, 2020
Command Injection in meta-git
Critical
GHSA-qcff-ffx3-m25c
was published
for
meta-git
(npm)
Sep 4, 2020
Command Injection in traceroute
Critical
GHSA-rjvj-673q-4hfw
was published
for
traceroute
(npm)
Sep 4, 2020
Command Injection in priest-runner
Critical
GHSA-9px9-f7jw-fwhj
was published
for
priest-runner
(npm)
Sep 3, 2020
Command Injection in plotter
Critical
GHSA-65xx-c85x-wg76
was published
for
plotter
(npm)
Sep 4, 2020
Command Injection in bestzip
Critical
GHSA-4qqc-mp5f-ccv4
was published
for
bestzip
(npm)
Sep 2, 2020
Command injection in launchpad
Critical
CVE-2021-23330
was published
for
launchpad
(npm)
Apr 13, 2021
Code injection in kill-process-by-name
Critical
CVE-2021-23356
was published
for
kill-process-by-name
(npm)
Mar 19, 2021
Command Injection in onion-oled-js
Critical
CVE-2021-23377
was published
for
onion-oled-js
(npm)
May 7, 2021
Command Injection in ps-visitor
Critical
CVE-2021-23374
was published
for
ps-visitor
(npm)
May 7, 2021
Command Injection in ffmpegdotjs
Critical
CVE-2021-23376
was published
for
ffmpegdotjs
(npm)
May 6, 2021
Command Injection in @ronomon/opened
Critical
CVE-2021-29300
was published
for
@ronomon/opened
(npm)
Jun 8, 2021
Command injection in npm-dependency-versions
Critical
CVE-2022-29080
was published
for
npm-dependency-versions
(npm)
Apr 13, 2022
ProTip!
Advisories are also available from the
GraphQL API