Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

160 advisories

Loading
Shell Metacharacter Injection in kelredd-pruview Critical
CVE-2013-1947 was published for kelredd-pruview (RubyGems) Oct 24, 2017
Creme Fraiche contains OS Command Injection Critical
CVE-2013-2090 was published for cremefraiche (RubyGems) Oct 24, 2017
Command Injection in pdfinfojs Critical
CVE-2018-3746 was published for pdfinfojs (npm) Jun 7, 2018
Growl before 1.10.0 vulnerable to Command Injection Critical
CVE-2017-16042 was published for growl (npm) Jun 8, 2018
Command Injection in git-dummy-commit Critical
CVE-2018-3785 was published for git-dummy-commit (npm) Aug 21, 2018
Command Injection in macaddress Critical
CVE-2018-13797 was published for macaddress (npm) Sep 6, 2018
Command Injection in egg-scripts Critical
CVE-2018-3786 was published for egg-scripts (npm) Sep 17, 2018
tdunlap607
ps Enables OS Command Injection Critical
CVE-2018-16460 was published for ps (npm) Sep 17, 2018
Potential Command Injection in shell-quote Critical
CVE-2016-10541 was published for shell-quote (npm) Feb 18, 2019
Command Injection in Xstream Critical
CVE-2013-7285 was published for com.thoughtworks.xstream:xstream (Maven) May 29, 2019
mmabdpr MarkLee131
Nokogiri Command Injection Vulnerability Critical
CVE-2019-5477 was published for nokogiri (RubyGems) Aug 19, 2019
tdunlap607
Command Injection in gitlabhook Critical
CVE-2019-5485 was published for gitlabhook (npm) Sep 16, 2019
Remote Code Execution Vulnerability in NPM mongo-express Critical
CVE-2019-10758 was published for mongo-express (npm) Dec 30, 2019
JLLeitschuh
OS command injection in git-diff-apply Critical
CVE-2019-10776 was published for git-diff-apply (npm) Feb 14, 2020
OS command injection in aws-lambda Critical
CVE-2019-10777 was published for aws-lambda (npm) Feb 14, 2020
BibTeX-Ruby vulnerable to OS command injection Critical
CVE-2019-10780 was published for bibtex-ruby (RubyGems) Feb 14, 2020
OS Command Injection in devcert-sanscache Critical
CVE-2019-10778 was published for devcert-sanscache (npm) Apr 14, 2020
Command Injection in npm-programmatic Critical
CVE-2020-7614 was published for npm-programmatic (npm) Apr 23, 2020
curlrequest allows execution of arbitrary commands Critical
CVE-2020-7646 was published for curlrequest (npm) May 13, 2020
Command Injection in umount Critical
CVE-2020-7628 was published for umount (npm) Jun 10, 2020
Command injection via Celery broker in Apache Airflow Critical
CVE-2020-11981 was published for apache-airflow (pip) Jul 27, 2020
sunSUNQ
Command Injection in Kylin Critical
CVE-2020-13925 was published for org.apache.kylin:kylin-server-base (Maven) Jul 27, 2020
Command Execution in windows-cpu Critical
CVE-2017-1000219 was published for windows-cpu (npm) Sep 1, 2020
Command Injection in pdf-image Critical
CVE-2018-3757 was published for pdf-image (npm) Sep 1, 2020
Arbitrary Code Execution in require-node Critical
GHSA-8j6j-4h2c-c65p was published for require-node (npm) Sep 3, 2020
ProTip! Advisories are also available from the GraphQL API