Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,644
Maven
5,000+
npm
4,269
NuGet
760
pip
4,062
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,002 advisories

Loading
The affected product is vulnerable to a parameter injection via passphrase, which enables the... High Unreviewed
CVE-2021-42538 was published May 24, 2022
Improper Neutralization of Special Elements used in a Command in Shell-quote Critical
CVE-2021-42740 was published for shell-quote (npm) May 24, 2022
MyTrueWallet kurt-r2c
jwilk levpachmanov
Credited to MyTrueWallet, kurt-r2c, jwilk, and levpachmanov
A command injection vulnerability in sftp command processing on Juniper Networks Junos OS Evolved... High Unreviewed
CVE-2021-31358 was published May 24, 2022
A command injection vulnerability in tcpdump command processing on Juniper Networks Junos OS... High Unreviewed
CVE-2021-31357 was published May 24, 2022
A command injection vulnerability in command processing on Juniper Networks Junos OS Evolved... High Unreviewed
CVE-2021-31356 was published May 24, 2022
The WordPress PDF Light Viewer Plugin WordPress plugin before 1.4.12 allows users with Author... High Unreviewed
CVE-2021-24684 was published May 24, 2022
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy... High Unreviewed
CVE-2021-40999 was published May 24, 2022
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy... High Unreviewed
CVE-2021-37739 was published May 24, 2022
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy... High Unreviewed
CVE-2021-40986 was published May 24, 2022
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy... High Unreviewed
CVE-2021-40987 was published May 24, 2022
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy... Moderate Unreviewed
CVE-2021-40995 was published May 24, 2022
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy... High Unreviewed
CVE-2021-40998 was published May 24, 2022
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy... Moderate Unreviewed
CVE-2021-40994 was published May 24, 2022
Yealink Device Management (DM) 3.6.0.20 allows command injection as root via the /sm/api/v1... Critical Unreviewed
CVE-2021-27561 was published May 24, 2022
A remote command execution vulnerability exists in add_server_service of PPTP_SERVER in Mercury... Critical Unreviewed
CVE-2020-22724 was published May 24, 2022
The Telus Wi-Fi Hub (PRV65B444A-S-TS) with firmware version 3.00.20 is affected by an... High Unreviewed
CVE-2021-20122 was published May 24, 2022
An issue was discovered in Zammad before 4.1.1. Command Injection can occur via custom Packages. Critical Unreviewed
CVE-2021-42094 was published May 24, 2022
A vulnerability in the REST API of Cisco Identity Services Engine (ISE) could allow an... High Unreviewed
CVE-2021-1594 was published May 24, 2022
Multiple vulnerabilities in the Cisco ATA 190 Series Analog Telephone Adapter Software could... High Unreviewed
CVE-2021-34710 was published May 24, 2022
A vulnerability in the web-based management interface of Cisco Intersight Virtual Appliance could... High Unreviewed
CVE-2021-34748 was published May 24, 2022
Multiple vulnerabilities in the Cisco ATA 190 Series Analog Telephone Adapter Software could... High Unreviewed
CVE-2021-34735 was published May 24, 2022
A command injection vulnerability has been reported to affect QNAP device running QVR. If... Critical Unreviewed
CVE-2021-34352 was published May 24, 2022
Remote Code Execution vulnerability in Micro Focus ArcSight Enterprise Security Manager (ESM)... Critical Unreviewed
CVE-2021-38124 was published May 24, 2022
There is a command injection vulnerability in CMA service module of FusionCompute 6.3.0, 6.3.1, 6... High Unreviewed
CVE-2021-37106 was published May 24, 2022
furlongm openvpn-monitor command injection High
CVE-2021-31605 was published for openvpn-monitor (pip) May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database