Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,645
Maven
5,000+
npm
4,271
NuGet
760
pip
4,065
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,002 advisories

Loading
Command Injection vulnerability in EmailWebPage API which can lead to a Remote Code Execution ... High Unreviewed
CVE-2021-35220 was published May 24, 2022
Several high privileged APIs on the Vizio P65-F1 6.0.31.4-2 and E50x-E1 10.0.31.4-2 Smart TVs do... Critical Unreviewed
CVE-2021-27944 was published May 24, 2022
opensysusers through 0.6 does not safely use eval on files in sysusers.d that may contain shell... Critical Unreviewed
CVE-2021-40084 was published May 24, 2022
Multiple vulnerabilities in the web UI and API endpoints of Cisco Application Policy... High Unreviewed
CVE-2021-1580 was published May 24, 2022
A command-injection vulnerability in the Image Upload function of the NASCENT RemKon Device... Critical Unreviewed
CVE-2021-38611 was published May 24, 2022
An issue was discovered in D-Link DIR816_A1_FW101CNB04 750m11ac wireless router via the HTTP... Critical Unreviewed
CVE-2021-39510 was published May 24, 2022
An issue was discovered in D-Link DIR-816 DIR-816A2_FWv1.10CNB05_R1B011D88210 750m11ac wireless... Critical Unreviewed
CVE-2021-39509 was published May 24, 2022
Command Injection in PHPMyWind v5.6 allows remote attackers to execute arbitrary code via the ... High Unreviewed
CVE-2020-18885 was published May 24, 2022
Dell EMC PowerScale OneFS versions 8.2.x - 9.1.1.x contain an improper neutralization of special... Moderate Unreviewed
CVE-2021-21595 was published May 24, 2022
An issue was discovered in SmarterTools SmarterMail through 100.0.7537. Meddler-in-the-middle... High Unreviewed
CVE-2020-29548 was published May 24, 2022
A vulnerability was reported in Lenovo Smart Camera X3, X5, and C2E that could allow command... High Unreviewed
CVE-2021-3617 was published May 24, 2022
In s/qmail through 4.0.07, an active MitM can inject arbitrary plaintext commands into a STARTTLS... Moderate Unreviewed
CVE-2020-15955 was published May 24, 2022
Realtek Jungle SDK version v2.x up to v3.4.14B provides an HTTP web server exposing a management... Critical Unreviewed
CVE-2021-35395 was published May 24, 2022
Realtek Jungle SDK version v2.x up to v3.4.14B provides a diagnostic tool called 'MP Daemon' that... Critical Unreviewed
CVE-2021-35394 was published May 24, 2022
A vulnerability in Pulse Connect Secure before 9.1R12 could allow an authenticated administrator... High Unreviewed
CVE-2021-22935 was published May 24, 2022
A vulnerability in Pulse Connect Secure before 9.1R12 could allow an authenticated administrator... High Unreviewed
CVE-2021-22938 was published May 24, 2022
An issue in Dut Computer Control Engineering Co.'s PLC MAC1100 allows attackers to execute... Critical Unreviewed
CVE-2020-18758 was published May 24, 2022
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... High Unreviewed
CVE-2021-38520 was published May 24, 2022
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... High Unreviewed
CVE-2021-38519 was published May 24, 2022
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... High Unreviewed
CVE-2021-38521 was published May 24, 2022
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... High Unreviewed
CVE-2021-38518 was published May 24, 2022
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Critical Unreviewed
CVE-2021-38530 was published May 24, 2022
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Critical Unreviewed
CVE-2021-38527 was published May 24, 2022
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Critical Unreviewed
CVE-2021-38529 was published May 24, 2022
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Critical Unreviewed
CVE-2021-38528 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database