Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,992 advisories

Loading
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected... High Unreviewed
CVE-2020-27867 was published May 24, 2022
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected... High Unreviewed
CVE-2020-27862 was published May 24, 2022
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected... High Unreviewed
CVE-2020-27864 was published May 24, 2022
vSphere Replication 8.3.x prior to 8.3.1.2, 8.2.x prior to 8.2.1.1, 8.1.x prior to 8.1.2.3 and 6... High Unreviewed
CVE-2021-21976 was published May 24, 2022
Wavlink WN575A4 and WN579X3 devices through 2020-05-15 allow unauthenticated remote users to... Critical Unreviewed
CVE-2020-13117 was published May 24, 2022
The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0... High Unreviewed
CVE-2021-26576 was published May 24, 2022
The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0... High Unreviewed
CVE-2021-25172 was published May 24, 2022
Bitcoin Core before 0.19.0 might allow remote attackers to execute arbitrary code when another... Critical Unreviewed
CVE-2021-3401 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016,... High Unreviewed
CVE-2021-1316 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016,... High Unreviewed
CVE-2021-1315 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016,... High Unreviewed
CVE-2021-1314 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016,... High Unreviewed
CVE-2021-1318 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016,... High Unreviewed
CVE-2021-1317 was published May 24, 2022
In mobile_log_d, there is a possible command injection due to improper input validation. This... Moderate Unreviewed
CVE-2021-0364 was published May 24, 2022
In mobile_log_d, there is a possible command injection due to a missing bounds check. This could... Moderate Unreviewed
CVE-2021-0363 was published May 24, 2022
In netdiag, there is a possible command injection due to improper input validation. This could... Moderate Unreviewed
CVE-2021-0358 was published May 24, 2022
In netdiag, there is a possible command injection due to improper input validation. This could... Moderate Unreviewed
CVE-2021-0356 was published May 24, 2022
D-Link DNS-320 FW v2.06B01 Revision Ax is affected by command injection in the system_mgr.cgi... Critical Unreviewed
CVE-2020-25506 was published May 24, 2022
The D-Link DSR-250 (3.14) DSR-1000N (2.11B201) UPnP service contains a command injection... Critical Unreviewed
CVE-2020-18568 was published May 24, 2022
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability... High Unreviewed
CVE-2020-8101 was published May 24, 2022
KLog Server through 2.4.1 allows authenticated command injection. async.php calls shell_exec() on... High Unreviewed
CVE-2021-3317 was published May 24, 2022
Go before 1.14.14 and 1.15.x before 1.15.7 on Windows is vulnerable to Command Injection and... High Unreviewed
CVE-2021-3115 was published May 24, 2022
Rostelecom CS-C2SHW 5.0.082.1 is affected by: Bash command injection. The camera reads... Moderate Unreviewed
CVE-2020-27542 was published May 24, 2022
The Yale WIPC-303W 2.21 through 2.31 camera is vulnerable to remote command execution (RCE)... High Unreviewed
CVE-2020-23826 was published May 24, 2022
Multiple vulnerabilities in Cisco SD-WAN products could allow an authenticated attacker to... High Unreviewed
CVE-2021-1298 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database