GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,603
Composer 5,006
Erlang 39
GitHub Actions 38
Go 2,636
Maven 6,104
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,494

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

2,990 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016,... High Unreviewed

CVE-2021-1317 was published May 24, 2022

Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to a denial of... High Unreviewed

CVE-2021-29703 was published May 24, 2022

Grandstream GRP261x VoIP phone running firmware version 1.0.3.6 (Base) allows Command Injection... High Unreviewed

CVE-2020-25217 was published May 24, 2022

In the pg_partman (aka PG Partition Manager) extension before 4.5.1 for PostgreSQL, arbitrary... Critical Unreviewed

CVE-2021-33204 was published May 24, 2022

Visual Studio Code Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31211. High Unreviewed

CVE-2021-31214 was published May 24, 2022

An issue was discovered on Libre Wireless LS9 LS1.5/p7040 devices. There is a luci_service Read_... High Unreviewed

CVE-2020-35755 was published May 24, 2022

A command injection on the /admin/broadcast.php script of Invigo Automatic Device Management (ADM... High Unreviewed

CVE-2020-10580 was published May 24, 2022

A command Injection Vulnerability in McAfee Agent (MA) for Windows prior to 5.7.5 allows local... High Unreviewed

CVE-2021-31854 was published Jan 20, 2022

A command injection security vulnerability has been identified in HPE Nimble Storage Hybrid Flash... Critical Unreviewed

CVE-2022-28618 was published May 21, 2022

** DISPUTED ** MikroTik RouterOS 6.47.9 allows remote authenticated ftp users to create or... High Unreviewed

CVE-2021-27221 was published May 24, 2022

prog.cgi on D-Link DIR-3060 devices before 1.11b04 HF2 allows remote authenticated users to... High Unreviewed

CVE-2021-28144 was published May 24, 2022

In Pluck-4.7.10-dev2 admin background, a remote command execution vulnerability exists when... Critical Unreviewed

CVE-2020-20951 was published May 24, 2022

Skype for Business and Lync Remote Code Execution Vulnerability High Unreviewed

CVE-2021-26422 was published May 24, 2022

Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability High Unreviewed

CVE-2021-28455 was published May 24, 2022

A remote unauthorized access vulnerability was discovered in Aruba AirWave Management Platform... High Unreviewed

CVE-2021-25166 was published May 24, 2022

VMware vRealize Business for Cloud 7.x prior to 7.6.0 contains a remote code execution... Critical Unreviewed

CVE-2021-21984 was published May 24, 2022

A remote authenticated arbitrary command execution vulnerability was discovered in Aruba AirWave... Moderate Unreviewed

CVE-2021-26970 was published May 24, 2022

A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy... High Unreviewed

CVE-2021-26680 was published May 24, 2022

A remote authenticated command Injection vulnerability was discovered in Aruba ClearPass Policy... High Unreviewed

CVE-2021-26681 was published May 24, 2022

vSphere Replication 8.3.x prior to 8.3.1.2, 8.2.x prior to 8.2.1.1, 8.1.x prior to 8.1.2.3 and 6... High Unreviewed

CVE-2021-21976 was published May 24, 2022

A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy... High Unreviewed

CVE-2021-26683 was published May 24, 2022

Improper Neutralization of Special Elements used in a Command in FitNesse Wiki High

CVE-2014-1216 was published for org.fitnesse:fitnesse (Maven) May 17, 2022

A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy... High Unreviewed

CVE-2021-26684 was published May 24, 2022

SolarWinds Platform was susceptible to Command Injection. This vulnerability allows a remote... High Unreviewed

CVE-2022-36962 was published Nov 29, 2022

The BeanShell components of IRISNext through 9.8.28 allow execution of arbitrary commands on the... High Unreviewed

CVE-2022-26111 was published Apr 26, 2022

Previous 1…114…120 Next

Previous 1 2 … 112 113 114 115 116 … 119 120 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,990 advisories