GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,603
Composer 5,006
Erlang 39
GitHub Actions 38
Go 2,636
Maven 6,104
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,816

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

2,992 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... High Unreviewed

CVE-2021-29070 was published May 24, 2022

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Critical Unreviewed

CVE-2021-29076 was published May 24, 2022

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Critical Unreviewed

CVE-2021-29077 was published May 24, 2022

In TOTOLINK A860R V4.1.2cu.5182_B20201027 in cstecgi.cgi, the acquired parameters are directly... Critical Unreviewed

CVE-2022-37843 was published Sep 7, 2022

Tenda AC9 V15.03.2.21_cn is vulnerable to command injection via goform/SetSysTimeCfg. Critical Unreviewed

CVE-2022-36273 was published Aug 17, 2022

RPi-Jukebox-RFID v2.3.0 was discovered to contain a command injection vulnerability via the... Critical Unreviewed

CVE-2022-36749 was published Aug 31, 2022

NFX Series devices using Juniper Networks Junos OS are susceptible to a local command execution... High Unreviewed

CVE-2021-0253 was published May 24, 2022

In Fibaro Home Center 2 and Lite devices with firmware version 4.540 and older an authenticated... High Unreviewed

CVE-2021-20991 was published May 24, 2022

NuProcess vulnerable to command-line injection through insertion of NUL character(s) High

CVE-2022-39243 was published for com.zaxxer:nuprocess (Maven) Sep 30, 2022

Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... Moderate Unreviewed

CVE-2020-35794 was published May 24, 2022

A remote code execution vulnerability was identified in GitHub Enterprise Server that could be... High Unreviewed

CVE-2020-10519 was published May 24, 2022

An authenticated command injection vulnerability exists in the Aruba InstantOS and ArubaOS 10... High Unreviewed

CVE-2022-37893 was published Oct 8, 2022

NETGEAR DGN2200v1 devices before v1.0.0.58 are affected by command injection. High Unreviewed

CVE-2020-35777 was published May 24, 2022

Green Packet WiMax DV-360 2.10.14-g1.0.6.1 devices allow Command Injection, with unauthenticated... Critical Unreviewed

CVE-2018-14067 was published May 24, 2022

Certain Zyxel products allow command injection by an admin via an input string to chg_exp_pwd... High Unreviewed

CVE-2020-29299 was published May 24, 2022

Belkin LINKSYS RE6500 devices before 1.0.11.001 allow remote authenticated users to execute... High Unreviewed

CVE-2020-35714 was published May 24, 2022

A command injection issue in dji_sys in DJI Mavic 2 Remote Controller before firmware version 01... High Unreviewed

CVE-2020-29664 was published May 24, 2022

The EFM ipTIME C200 IP Camera is affected by a Command Injection vulnerability in /login.cgi... High Unreviewed

CVE-2020-7848 was published May 24, 2022

Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... Critical Unreviewed

CVE-2021-29071 was published May 24, 2022

Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... High Unreviewed

CVE-2021-29072 was published May 24, 2022

Nagios XI 5.7.2 is affected by a remote code execution (RCE) vulnerability. An authenticated user... High Unreviewed

CVE-2020-24899 was published May 24, 2022

The Baseboard Management Controller (BMC) firmware in HPE Apollo 70 System prior to version 3.0... High Unreviewed

CVE-2021-26576 was published May 24, 2022

In mobile_log_d, there is a possible command injection due to improper input validation. This... Moderate Unreviewed

CVE-2021-0364 was published May 24, 2022

This command injection vulnerability allows attackers to execute arbitrary commands in a... Critical Unreviewed

CVE-2019-7198 was published May 24, 2022

rakibtg Docker Dashboard before 2021-02-28 allows command injection in backend/utilities/terminal... Critical Unreviewed

CVE-2021-27886 was published May 24, 2022

Previous 1…101…120 Next

Previous 1 2 … 99 100 101 102 103 … 119 120 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,992 advisories