GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
3,002 advisories
HashiCorp go-getter command injection
Critical. CVE-2022-26945 was published for github.com/hashicorp/go-getter (Go) May 26, 2022

C-DATA FD702XW-X-R430 v2.1.13_X001 was discovered to contain a command injection vulnerability...
Critical, Unreviewed. CVE-2022-29337 was published May 25, 2022

Sprecher SPRECON-E firmware prior to 8.64b might allow local attackers with access to engineering...
High, Unreviewed. CVE-2020-11496 was published May 24, 2022

Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to...
High, Unreviewed. CVE-2021-33553 was published May 24, 2022

An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173...
Critical, Unreviewed. CVE-2020-27240 was published May 24, 2022

Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to...
High, Unreviewed. CVE-2021-33554 was published May 24, 2022

Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to...
High, Unreviewed. CVE-2021-33548 was published May 24, 2022

Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to...
High, Unreviewed. CVE-2021-33544 was published May 24, 2022

Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to...
High, Unreviewed. CVE-2021-33550 was published May 24, 2022

Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to...
High, Unreviewed. CVE-2021-33552 was published May 24, 2022

Multiple camera devices by UDP Technology, Geutebrück and other vendors are vulnerable to...
High, Unreviewed. CVE-2021-33551 was published May 24, 2022

An exploitable SQL injection vulnerability exists in ‘getAssets.jsp’ page of OpenClinic GA 5.173...
Critical, Unreviewed. CVE-2020-27241 was published May 24, 2022

In the wazuh-slack active response script in Wazuh before 4.2.5, untrusted user agents are passed...
Critical, Unreviewed. CVE-2021-44079 was published May 24, 2022

Insufficient input validation in PSP firmware for discrete TPM commands could allow a potential...
High, Unreviewed. CVE-2020-12946 was published May 24, 2022

Insufficient ID command validation in the SEV Firmware may allow a local authenticated attacker...
Moderate, Unreviewed. CVE-2021-26321 was published May 24, 2022

A command injection vulnerability was discovered in the HNAP1 protocol in D-Link DIR-823G devices...
Critical, Unreviewed. CVE-2020-25367 was published May 24, 2022

A command injection vulnerability was discovered in the HNAP1 protocol in D-Link DIR-823G devices...
Critical, Unreviewed. CVE-2020-25368 was published May 24, 2022

Multiple vulnerabilities in the web-based management interface of the Cisco Catalyst Passive...
Critical, Unreviewed. CVE-2021-40113 was published May 24, 2022

In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, exporting collections via PDF export...
High, Unreviewed. CVE-2021-43266 was published May 24, 2022

In Ericsson Network Location MPS GMPC21, it is possible to inject commands via file_name in the...
Critical, Unreviewed. CVE-2021-43339 was published May 24, 2022

An issue was discovered in the add function in Shenzhim AAPTJS 1.3.1 which allows attackers to...
Critical, Unreviewed. CVE-2020-26707 was published May 24, 2022

Multiple vulnerabilities in the CLI of Cisco Firepower Threat Defense (FTD) Software could allow...
High, Unreviewed. CVE-2021-34756 was published May 24, 2022

An issue was discovered in Nagios XI 5.8.5. In the Manage Dashlets section of the Admin panel, an...
High, Unreviewed. CVE-2021-40345 was published May 24, 2022

A command injection vulnerability has been reported to affect QNAP device running Media Streaming...
High, Unreviewed. CVE-2021-34362 was published May 24, 2022

All versions of yongyou PLM are affected by a command injection issue. UFIDA PLM (Product Life...
Critical, Unreviewed. CVE-2021-41744 was published May 24, 2022

ProTip! Advisories are also available from the GraphQL API