Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,780
Erlang
36
GitHub Actions
29
Go
2,344
Maven
5,000+
npm
3,973
NuGet
719
pip
3,770
Pub
12
RubyGems
923
Rust
978
Swift
38
Unreviewed advisories
All unreviewed
5,000+

2,731 advisories

Loading
Totolink A830R V5.9c.4729_B20191112, A3100R V4.1.2cu.5050_B20200504, A950RG V4.1.2cu... Critical Unreviewed
CVE-2022-26214 was published Mar 17, 2022
Totolink X5000R_Firmware v9.1.0u.6118_B20201102 was discovered to contain a command injection... Critical Unreviewed
CVE-2022-26213 was published Mar 17, 2022
Totolink A830R V5.9c.4729_B20191112, A3100R V4.1.2cu.5050_B20200504, A950RG V4.1.2cu... Critical Unreviewed
CVE-2022-26212 was published Mar 17, 2022
Totolink A830R V5.9c.4729_B20191112, A3100R V4.1.2cu.5050_B20200504, A950RG V4.1.2cu... Critical Unreviewed
CVE-2022-26211 was published Mar 17, 2022
Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were... Critical Unreviewed
CVE-2022-26990 was published Mar 17, 2022
Arris routers SBR-AC1900P 1.0.7-B05, SBR-AC3200P 1.0.7-B05 and SBR-AC1200P 1.0.5-B05 were... Critical Unreviewed
CVE-2022-26993 was published Mar 17, 2022
Totolink A830R V5.9c.4729_B20191112, A3100R V4.1.2cu.5050_B20200504, A950RG V4.1.2cu... Critical Unreviewed
CVE-2022-26208 was published Mar 17, 2022
Code injection in kill-process-by-name Critical
CVE-2021-23356 was published for kill-process-by-name (npm) Mar 19, 2021
Command injection in launchpad Critical
CVE-2021-23330 was published for launchpad (npm) Apr 13, 2021
Command Injection in onion-oled-js Critical
CVE-2021-23377 was published for onion-oled-js (npm) May 7, 2021
Command Injection in ps-visitor Critical
CVE-2021-23374 was published for ps-visitor (npm) May 7, 2021
Command injection in portkiller High
CVE-2021-23379 was published for portkiller (npm) May 6, 2021
Command Injection in ffmpegdotjs Critical
CVE-2021-23376 was published for ffmpegdotjs (npm) May 6, 2021
Arbitrary code execution in kill-by-port Moderate
CVE-2021-23363 was published for kill-by-port (npm) Apr 13, 2021
Command Injection in picotts Critical
CVE-2021-23378 was published for picotts (npm) May 7, 2021
Command Injection in psnode High
CVE-2021-23375 was published for psnode (npm) May 6, 2021
Command Injection in killing High
CVE-2021-23381 was published for killing (npm) May 6, 2021
Command Injection in @ronomon/opened Critical
CVE-2021-29300 was published for @ronomon/opened (npm) Jun 8, 2021
Arbitrary command execution in roar-pidusage Moderate
CVE-2021-23380 was published for roar-pidusage (npm) May 6, 2021
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the... Critical Unreviewed
CVE-2022-25439 was published Mar 19, 2022
Tenda AC9 v15.03.2.21 was discovered to contain a remote command execution (RCE) vulnerability... Critical Unreviewed
CVE-2022-25438 was published Mar 19, 2022
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the firewallen parameter in... Critical Unreviewed
CVE-2022-25434 was published Mar 19, 2022
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the list parameter in the... Critical Unreviewed
CVE-2022-25437 was published Mar 19, 2022
Tenda AC9 v15.03.2.21 was discovered to contain multiple stack overflows via the NPTR, V12, V10... Critical Unreviewed
CVE-2022-25431 was published Mar 19, 2022
Tenda AC9 v15.03.2.21 was discovered to contain a stack overflow via the ntpserver parameter in... Critical Unreviewed
CVE-2022-25440 was published Mar 19, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database