GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
2,332 advisories
Filter by severity
Command injection in launchpad
Critical
CVE-2021-23330
was published
for
launchpad
(npm)
Apr 13, 2021
Command Injection in nuance-gulp-build-common
Critical
CVE-2020-28430
was published
for
nuance-gulp-build-common
(npm)
Apr 13, 2021
•
withdrawn
Command injection in eslint-fixer
Critical
CVE-2021-26275
was published
for
eslint-fixer
(npm)
Apr 13, 2021
Command Injection Vulnerability in systeminformation
High
CVE-2021-21388
was published
for
systeminformation
(npm)
Apr 6, 2021
Arbitrary Command Injection in portprocesses
Moderate
CVE-2021-23348
was published
for
portprocesses
(npm)
Apr 6, 2021
Command injection in kill-process-on-port
High
CVE-2020-28426
was published
for
kill-process-on-port
(npm)
Mar 19, 2021
Code injection in kill-process-by-name
Critical
CVE-2021-23356
was published
for
kill-process-by-name
(npm)
Mar 19, 2021
Command injection in wc-cmd
Critical
CVE-2020-28431
was published
for
wc-cmd
(npm)
Mar 19, 2021
•
withdrawn
Madge vulnerable to command injection
High
CVE-2021-23352
was published
for
madge
(npm)
Mar 12, 2021
Command injection in samba-client
Critical
CVE-2021-27185
was published
for
samba-client
(npm)
Feb 11, 2021
Remote Code Execution in SCIMono
High
CVE-2021-21479
was published
for
com.sap.scimono:scimono-server
(Maven)
Feb 10, 2021
Command Injection in @graphql-tools/git-loader
High
CVE-2021-23326
was published
for
@graphql-tools/git-loader
(npm)
Jan 29, 2021
Command injection in ts-process-promises
Critical
CVE-2020-7784
was published
for
ts-process-promises
(npm)
Jan 13, 2021
Environment Variable Injection in GitHub Actions
Low
CVE-2020-15228
was published
for
@actions/core
(npm)
Oct 1, 2020
Command Injection in entitlements
High
GHSA-g8vp-6hv4-m67c
was published
for
entitlements
(npm)
Sep 11, 2020
Command Injection in wxchangba
Moderate
GHSA-j6v9-xgvh-f796
was published
for
wxchangba
(npm)
Sep 11, 2020
Command Injection in soletta-dev-app
High
GHSA-8mgg-5x65-m4m4
was published
for
soletta-dev-app
(npm)
Sep 11, 2020
Command Injection in traceroute
Critical
GHSA-rjvj-673q-4hfw
was published
for
traceroute
(npm)
Sep 4, 2020
Command Injection in npm-git-publish
Critical
GHSA-49mg-94fc-2fx6
was published
for
npm-git-publish
(npm)
Sep 4, 2020
ProTip!
Advisories are also available from the
GraphQL API