Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,992 advisories

Loading
Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business... High Unreviewed
CVE-2021-1551 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business... High Unreviewed
CVE-2021-1552 was published May 24, 2022
Command Injection in Apache James Moderate
CVE-2021-38542 was published for org.apache.james:james-server (Maven) Jan 8, 2022
The api/ZRIptv/setIptvInfo interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote... Critical Unreviewed
CVE-2021-30233 was published May 24, 2022
The api/ZRFirmware/set_time_zone interface in China Mobile An Lianbao WF-1 router 1.0.1 allows... Critical Unreviewed
CVE-2021-30230 was published May 24, 2022
The api/ZRIGMP/set_IGMP_PROXY interface in China Mobile An Lianbao WF-1 router 1.0.1 allows... Critical Unreviewed
CVE-2021-30232 was published May 24, 2022
The api/zrDm/set_zrDm interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote... High Unreviewed
CVE-2021-30229 was published May 24, 2022
Akuvox C315 115.116.2613 allows remote command Injection via the cfgd_server service. The attack... Critical Unreviewed
CVE-2021-31726 was published May 24, 2022
IBM Resilient SOAR V38.0 could allow a privileged user to create create malicious scripts that... High Unreviewed
CVE-2021-20527 was published May 24, 2022
In IBOS 4.5.4 Open, the database backup has Command Injection Vulnerability. High Unreviewed
CVE-2020-21785 was published May 24, 2022
Improper neutralization of special elements used in a command ('Command Injection') vulnerability... High Unreviewed
CVE-2021-34809 was published May 24, 2022
An issue was discovered on Enphase Envoy R3.x and D4.x (and other current) devices. The... High Unreviewed
CVE-2020-25755 was published May 24, 2022
A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant... High Unreviewed
CVE-2021-25146 was published May 24, 2022
A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant... High Unreviewed
CVE-2021-25150 was published May 24, 2022
CONQUEST DICOM SERVER before 1.5.0 has a code execution vulnerability which can be exploited by... Critical Unreviewed
CVE-2020-35308 was published May 24, 2022
A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant... High Unreviewed
CVE-2021-25162 was published May 24, 2022
A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant... High Unreviewed
CVE-2020-24635 was published May 24, 2022
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... High Unreviewed
CVE-2021-29069 was published May 24, 2022
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Critical Unreviewed
CVE-2021-29079 was published May 24, 2022
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Critical Unreviewed
CVE-2021-29078 was published May 24, 2022
Command injection in mail agent settings High
CVE-2021-37708 was published for shopware/core (Composer) Aug 30, 2021
The open_generic_xdg_mime function in xdg-open in xdg-utils 1.1.0 rc1 in Debian, when using dash,... High Unreviewed
CVE-2015-1877 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business... High Unreviewed
CVE-2021-1554 was published May 24, 2022
In Versa Director, the command injection is an attack in which the goal is execution of arbitrary... Critical Unreviewed
CVE-2019-25029 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of certain Cisco Small Business... High Unreviewed
CVE-2021-1548 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database