GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+
2,278 advisories
Filter by severity
In Lens prior to 5.3.4, custom helm chart configuration creates helm commands from string...
High
Unreviewed
CVE-2021-23154
was published
Jan 11, 2022
An authenticated user can execute arbitrary command in Gerapy
High
CVE-2021-32849
was published
for
gerapy
(pip)
Jan 6, 2022
OS Command Injection in Laravel Framework
High
CVE-2020-19316
was published
for
laravel/framework
(Composer)
Jan 6, 2022
A vulnerability in the 'libsal.so' of the Zyxel GS1900 series firmware version 2.60 could allow...
High
Unreviewed
CVE-2021-35032
was published
Dec 29, 2021
A vulnerability in the TFTP client of Zyxel GS1900 series firmware, XGS1210 series firmware, and...
High
Unreviewed
CVE-2021-35031
was published
Dec 29, 2021
TP-Link wifi router TL-WR802N V4(JP), with firmware version prior to 211202, is vulnerable to OS...
High
Unreviewed
CVE-2021-4144
was published
Dec 24, 2021
A server side remote code execution vulnerability was found in Foreman project. A authenticated...
High
Unreviewed
CVE-2021-3584
was published
Dec 24, 2021
A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via...
High
Unreviewed
CVE-2021-3621
was published
Dec 24, 2021
An OS command injection vulnerability exists in the Web Manager FsUnmount functionality of...
High
Unreviewed
CVE-2021-21882
was published
Dec 23, 2021
OS Command Injection vulnerability in the wirelessConnect handler of Abode iota All-In-One...
High
Unreviewed
CVE-2020-8105
was published
Dec 21, 2021
FiberHome ONU GPON AN5506-04-F RP2617 is affected by an OS command injection vulnerability. This...
High
Unreviewed
CVE-2021-42912
was published
Dec 17, 2021
Two methods of a utility class in SAP NetWeaver AS ABAP - versions 700, 701, 702, 710, 711, 730,...
High
Unreviewed
CVE-2021-44235
was published
Dec 15, 2021
OS Command Injection in pixl-class
High
CVE-2020-7640
was published
for
pixl-class
(npm)
Dec 10, 2021
A violation of secure design principles in Fortinet Meru AP version 8.6.1 and below, version 8.5...
High
Unreviewed
CVE-2021-42759
was published
Dec 10, 2021
An unauthenticated command injection vulnerability exists in multiple parameters in the Gryphon...
High
Unreviewed
CVE-2021-20138
was published
Dec 10, 2021
An unauthenticated command injection vulnerability exists in the parameters of operation 3 in the...
High
Unreviewed
CVE-2021-20139
was published
Dec 10, 2021
An unauthenticated command injection vulnerability exists in the parameters of operation 32 in...
High
Unreviewed
CVE-2021-20141
was published
Dec 10, 2021
An unauthenticated command injection vulnerability exists in the parameters of operation 10 in...
High
Unreviewed
CVE-2021-20140
was published
Dec 10, 2021
An unauthenticated command injection vulnerability exists in the parameters of operation 41 in...
High
Unreviewed
CVE-2021-20142
was published
Dec 10, 2021
An unauthenticated command injection vulnerability exists in the parameters of operation 48 in...
High
Unreviewed
CVE-2021-20143
was published
Dec 10, 2021
An unauthenticated command injection vulnerability exists in the parameters of operation 49 in...
High
Unreviewed
CVE-2021-20144
was published
Dec 10, 2021
Improper neutralization of special elements in the SMA100 management interface '/cgi-bin/viewcert...
High
Unreviewed
CVE-2021-20039
was published
Dec 9, 2021
A post-authentication remote command injection vulnerability in SonicWall SMA100 allows a remote...
High
Unreviewed
CVE-2021-20044
was published
Dec 9, 2021
ProTip!
Advisories are also available from the
GraphQL API