GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,636
Maven: 5,000+
npm: 4,262
NuGet: 760
pip: 4,057
Pub: 12
RubyGems: 956
Rust: 1,054
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
2,992 advisories
NFX Series devices using Juniper Networks Junos OS are susceptible to a local code execution...
High
Unreviewed
CVE-2021-0252 was published May 24, 2022
NFX Series devices using Juniper Networks Junos OS are susceptible to a local command execution...
High
Unreviewed
CVE-2021-0253 was published May 24, 2022
In Fibaro Home Center 2 and Lite devices with firmware version 4.540 and older an authenticated...
High
Unreviewed
CVE-2021-20991 was published May 24, 2022
IBM Resilient SOAR V38.0 could allow a privileged user to create malicious scripts that...
High
Unreviewed
CVE-2021-20527 was published May 24, 2022
A command injection vulnerability has been reported to affect QTS and QuTS hero. If exploited,...
Critical
Unreviewed
CVE-2020-2509 was published May 24, 2022
SQL Injection in the "evoadm.php" component of b2evolution v7.2.2-stable allows remote attackers...
High
Unreviewed
CVE-2021-28242 was published May 24, 2022
An exploitable unauthenticated command injection exists in the OpenClinic GA 5.173.3. Specially...
Critical
Unreviewed
CVE-2020-27227 was published May 24, 2022
Incorrect computation of branch displacements in BPF JIT compilers in the Linux kernel can be abused...
High
Unreviewed
CVE-2021-29154 was published May 24, 2022
The text-to-speech engine in libretro RetroArch for Windows 0.11 passes unsanitized input to...
High
Unreviewed
CVE-2021-28927 was published May 24, 2022
Client side code execution in gitlab-vscode-extension v3.15.0 and earlier allows attacker to...
High
Unreviewed
CVE-2021-22195 was published May 24, 2022
CONQUEST DICOM SERVER before 1.5.0 has a code execution vulnerability which can be exploited by...
Critical
Unreviewed
CVE-2020-35308 was published May 24, 2022
A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant...
High
Unreviewed
CVE-2021-25162 was published May 24, 2022
A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant...
High
Unreviewed
CVE-2021-25150 was published May 24, 2022
A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant...
High
Unreviewed
CVE-2021-25146 was published May 24, 2022
Grandstream GRP261x VoIP phone running firmware version 1.0.3.6 (Base) allows Command Injection...
High
Unreviewed
CVE-2020-25217 was published May 24, 2022
A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant...
High
Unreviewed
CVE-2020-24635 was published May 24, 2022
A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant...
Critical
Unreviewed
CVE-2020-24636 was published May 24, 2022
A command injection on the /admin/broadcast.php script of Invigo Automatic Device Management (ADM...
High
Unreviewed
CVE-2020-10580 was published May 24, 2022
A remote code execution vulnerability was identified in GitHub Enterprise Server that could be...
Moderate
Unreviewed
CVE-2021-22864 was published May 24, 2022
A vulnerability in the web UI of Cisco IOS XE Software could allow an authenticated, remote...
High
Unreviewed
CVE-2021-1443 was published May 24, 2022
A vulnerability in Cisco IOx application hosting environment of Cisco IOS XE Software could allow...
High
Unreviewed
CVE-2021-1384 was published May 24, 2022
A vulnerability in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated, local...
High
Unreviewed
CVE-2021-1382 was published May 24, 2022
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This...
Critical
Unreviewed
CVE-2021-29076 was published May 24, 2022
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This...
Critical
Unreviewed
CVE-2021-29077 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API