GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,645
Maven: 5,000+
npm: 4,271
NuGet: 760
pip: 4,065
Pub: 12
RubyGems: 957
Rust: 1,057
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
4,105 advisories
Multiple vulnerabilities exist in the AOS-CX command line interface that could lead to...
High
Unreviewed
CVE-2022-23681 was published Sep 7, 2022
calendar.php in vBulletin before 2.2.0 allows remote attackers to execute arbitrary commands via...
High
Unreviewed
CVE-2002-1660 was published Apr 30, 2022
MailGates and MailAudit products contain Command Injection flaw, which can be used to inject and...
High
Unreviewed
CVE-2020-25849 was published May 24, 2022
The Web Set Media Image function in ASUS BMC’s firmware Web management page does not filter the...
High
Unreviewed
CVE-2021-28203 was published May 24, 2022
sa-exim 4.2.1 allows attackers to execute arbitrary code if they can write a .cf file or a rule....
High
Unreviewed
CVE-2019-19920 was published May 24, 2022
An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR...
High
Unreviewed
CVE-2017-12120 was published May 13, 2022
An exploitable command injection vulnerability exists in the web server functionality of Moxa EDR...
High
Unreviewed
CVE-2017-12121 was published May 13, 2022
The specific function in ASUS BMC’s firmware Web management page (Modify user’s information...
High
Unreviewed
CVE-2021-28204 was published May 24, 2022
TP-Link Archer A7 Archer A7(US)_V5_210519 is affected by a command injection vulnerability in ...
Critical
Unreviewed
CVE-2021-42232 was published Aug 24, 2022
USU Oracle Optimization before 5.17.5 allows authenticated DataCollection users to achieve agent...
High
Unreviewed
CVE-2022-29937 was published Apr 30, 2022
nbmember.cgi in Netbilling 2.0 allows remote attackers to obtain sensitive information via the...
Moderate
Unreviewed
CVE-2004-2732 was published Apr 29, 2022
OS command injection vulnerability in soap.cgi (soapcgi_main in cgibin) in D-Link DIR-880L DIR...
Critical
Unreviewed
CVE-2018-6530 was published May 24, 2022
ohmyzsh is vulnerable to Improper Neutralization of Special Elements used in an OS Command
High
Unreviewed
CVE-2021-3934 was published May 24, 2022
A command injection vulnerability was reported in the Integrated Management Module (IMM) of...
High
Unreviewed
CVE-2021-3723 was published May 24, 2022
An OS command injection vulnerability in the Palo Alto Networks PAN-OS management interface...
High
Unreviewed
CVE-2021-3059 was published May 24, 2022
An OS command injection vulnerability in the Simple Certificate Enrollment Protocol (SCEP)...
High
Unreviewed
CVE-2021-3060 was published May 24, 2022
An issue was discovered in OpenGamePanel OGP-Agent-Linux through 2021-08-14. An authenticated...
High
Unreviewed
CVE-2021-37158 was published May 24, 2022
An OS command injection vulnerability in the Palo Alto Networks PAN-OS command line interface ...
High
Unreviewed
CVE-2021-3061 was published May 24, 2022
PowerCMS XMLRPC API of PowerCMS 5.19 and earlier, PowerCMS 4.49 and earlier, PowerCMS 3.295 and...
Critical
Unreviewed
CVE-2021-20850 was published May 24, 2022
OS Command Injection vulnerability in debug_fcgi of D-Link DWR-932C E1 firmware allows a remote...
Critical
Unreviewed
CVE-2021-42784 was published May 24, 2022
A shell command injection in the HW Events SNMP community in XoruX LPAR2RRD and STOR2RRD before 7...
High
Unreviewed
CVE-2021-42372 was published May 24, 2022
An OS command injection vulnerability in the Palo Alto Networks PAN-OS web interface enables an...
High
Unreviewed
CVE-2021-3058 was published May 24, 2022
In Mahara before 20.04.5, 20.10.3, 21.04.2, and 21.10.0, exporting collections via PDF export...
High
Unreviewed
CVE-2021-43266 was published May 24, 2022
Vulnerability in the product Docsis 3.0 UBC1319BA00 Router supported affected version...
High
Unreviewed
CVE-2021-39474 was published May 24, 2022
An improper neutralization of special elements used in an OS command ('OS Command Injection') in...
High
Unreviewed
CVE-2021-36185 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.