GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
4,104 advisories
WRC-300FEBK, WRC-F300NF, WRC-733FEBK, WRH-300RD, WRH-300BK, WRH-300SV, WRH-300WH, WRH-H300WH, WRH...
High | Unreviewed | CVE-2021-20739 was published May 24, 2022

QSAN SANOS factory reset function does not filter special parameters. Remote attackers can use...
Critical | Unreviewed | CVE-2021-32534 was published May 24, 2022

QsanTorture in QSAN Storage Manager does not filter special parameters properly that allows...
Critical | Unreviewed | CVE-2021-32513 was published May 24, 2022

QuickInstall in QSAN Storage Manager does not filter special parameters properly that allows...
Critical | Unreviewed | CVE-2021-32512 was published May 24, 2022

OS command injection vulnerability in Init function in QSAN XEVO allows remote attackers to...
Critical | Unreviewed | CVE-2021-32531 was published May 24, 2022

The QSAN SANOS setting page does not filter special parameters. Remote attackers can use this...
Critical | Unreviewed | CVE-2021-32533 was published May 24, 2022

OS command injection vulnerability in Array function in QSAN XEVO allows remote unauthenticated...
Critical | Unreviewed | CVE-2021-32530 was published May 24, 2022

A command injection vulnerabilities have been reported to affect QTS and QuTS hero. If exploited,...
Critical | Unreviewed | CVE-2021-28802 was published May 24, 2022

A command injection vulnerabilities have been reported to affect QTS and QuTS hero. If exploited,...
Critical | Unreviewed | CVE-2021-28804 was published May 24, 2022

Inkdrop versions prior to v5.3.1 allows an attacker to execute arbitrary OS commands on the...
High | Unreviewed | CVE-2021-20745 was published May 24, 2022

Hitachi Virtual File Platform Versions prior to 5.5.3-09 and Versions prior to 6.4.3-09, and NEC...
High | Unreviewed | CVE-2021-20740 was published May 24, 2022

Vulnerability in the CommandPost, Collector, and Sensor components of Fidelis Network and...
High | Unreviewed | CVE-2021-35047 was published May 24, 2022

In Weidmueller Industrial WLAN devices in multiple versions an exploitable command injection...
High | Unreviewed | CVE-2021-33532 was published May 24, 2022

In Weidmueller Industrial WLAN devices in multiple versions an exploitable command injection...
High | Unreviewed | CVE-2021-33530 was published May 24, 2022

In Weidmueller Industrial WLAN devices in multiple versions an exploitable command injection...
High | Unreviewed | CVE-2021-33534 was published May 24, 2022

In Weidmueller Industrial WLAN devices in multiple versions an exploitable command injection...
High | Unreviewed | CVE-2021-33533 was published May 24, 2022

Telesquare SDT-CW3B1 1.1.0 is affected by an OS command injection vulnerability that allows a...
Critical | Unreviewed | CVE-2021-46422 was published Apr 28, 2022

In the "webupg" binary of D-Link DIR-825 G1, because of the lack of parameter verification,...
High | Unreviewed | CVE-2021-46441 was published Apr 28, 2022

In Bender/ebee Charge Controllers in multiple versions are prone to Command injection via Web...
High | Unreviewed | CVE-2021-34602 was published Apr 28, 2022

ballcat-codegen template engine remote code execution injection
High | CVE-2022-24881 was published for com.hccake:ballcat-codegen (Maven) Apr 27, 2022

An attacker could leverage an API to pass along a malicious file that could then manipulate the...
Critical | Unreviewed | CVE-2021-32933 was published Apr 3, 2022

A command injection vulnerability has been reported to affect QNAP NAS running legacy versions of...
Critical | Unreviewed | CVE-2021-28800 was published May 24, 2022

A vulnerability exists in RaspAP 2.6 to 2.6.5 in the "iface" GET parameter in /ajax/networking...
Critical | Unreviewed | CVE-2021-33357 was published May 24, 2022

If exploited, this command injection vulnerability could allow remote attackers to run arbitrary...
High | Unreviewed | CVE-2021-28811 was published May 24, 2022

A vulnerability in the configuration dashboard of Cisco Common Services Platform Collector (CSPC)...
High | Unreviewed | CVE-2021-1538 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.