Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

88 advisories

Loading
PIDUsage Enables OS Command Injection Critical
CVE-2017-1000220 was published for pidusage (npm) May 13, 2022
mattberry3
Withdrawn Advisory: OS Command Injection in effect Critical
CVE-2020-7624 was published for effect (npm) Feb 10, 2022 withdrawn
Fidget-Grep
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') in ZMarkdown Critical
GHSA-2c83-wfv3-q25f was published for rebber (npm) Sep 7, 2021
gustavi
Treekill Enables OS Command Injection Critical
CVE-2019-15598 was published for tree-kill (npm) May 24, 2022
promise-probe OS command injection vulnerability Critical
CVE-2019-10791 was published for promise-probe (npm) May 24, 2022
Pedroetb TTS-API OS Command Injection Critical
CVE-2019-25158 was published for tts-api (npm) Dec 19, 2023
vm2 Sandbox Escape vulnerability Critical
CVE-2023-37903 was published for vm2 (npm) Jul 13, 2023
leesh3288
appium-desktop OS Command Injection vulnerability Critical
CVE-2023-2479 was published for appium-desktop (npm) May 2, 2023
Command Injection Vulnerability in find-exec Critical
CVE-2023-40582 was published for find-exec (npm) Aug 30, 2023
miguelafmonteiro
apiconnect-cli-plugins vulnerable to OS Command Injection Critical
CVE-2020-7633 was published for apiconnect-cli-plugins (npm) May 24, 2021
Command Injection in egg-scripts Critical
CVE-2018-3786 was published for egg-scripts (npm) Sep 17, 2018
tdunlap607
OS Command Injection in heroku-addonpool Critical
CVE-2020-7634 was published for heroku-addonpool (npm) Dec 9, 2021
OS Command Injection in node-prompt-here Critical
CVE-2020-7602 was published for node-prompt-here (npm) May 7, 2021
OS Command Injection in giting Critical
CVE-2019-10802 was published for giting (npm) Apr 13, 2021
KateCatlin
Remote Code Execution Vulnerability in NPM mongo-express Critical
CVE-2019-10758 was published for mongo-express (npm) Dec 30, 2019
JLLeitschuh
OS Command Injection in docker-compose-remote-api Critical
CVE-2020-7606 was published for docker-compose-remote-api (npm) May 7, 2021
ps Enables OS Command Injection Critical
CVE-2018-16460 was published for ps (npm) Sep 17, 2018
push-dir Enables OS Command Injection Critical
CVE-2019-10803 was published for push-dir (npm) Feb 9, 2022
Command Injection in nuance-gulp-build-common Critical
CVE-2020-28430 was published for nuance-gulp-build-common (npm) Apr 13, 2021 withdrawn
karma-mojo enables OS Command Injection Critical
CVE-2020-7626 was published for karma-mojo (npm) Feb 10, 2022
Command injection in buns Critical
CVE-2020-7794 was published for buns (npm) Jan 13, 2021
Command Execution in windows-cpu Critical
CVE-2017-1000219 was published for windows-cpu (npm) Sep 1, 2020
OS Command Injection in Locutus Critical
CVE-2020-13619 was published for locutus (npm) Jul 26, 2021
OS Command Injection in gulp-tape Critical
CVE-2020-7605 was published for gulp-tape (npm) May 7, 2021
OS Command Injection in gulkp-styledocco Critical
CVE-2020-7607 was published for gulp-styledocco (npm) May 7, 2021
ProTip! Advisories are also available from the GraphQL API