GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
4,104 advisories
An OS command injection vulnerability in FortiWeb's management interface 6.3.7 and below, 6.2.3...
High | Unreviewed | CVE-2021-22123 was published May 24, 2022

A vulnerability in the SonicWall NSM On-Prem product allows an authenticated attacker to perform...
High | Unreviewed | CVE-2021-20026 was published May 24, 2022

EyesOfNetwork eonweb through 5.3-11 allows Remote Command Execution (by authenticated users) via...
High | Unreviewed | CVE-2021-33525 was published May 24, 2022

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker via the...
Critical | Unreviewed | CVE-2021-33514 was published May 24, 2022

RFNTPS firmware versions System_01000004 and earlier, and Web_01000004 and earlier allow an...
High | Unreviewed | CVE-2021-20719 was published May 24, 2022

Multiple vulnerabilities in Cisco DNA Spaces Connector could allow an authenticated, local...
High | Unreviewed | CVE-2021-1557 was published May 24, 2022

Multiple vulnerabilities in Cisco DNA Spaces Connector could allow an authenticated, local...
High | Unreviewed | CVE-2021-1558 was published May 24, 2022

Hongdian H8922 3.0.5 devices allow OS command injection via shell metacharacters into the ip...
High | Unreviewed | CVE-2021-28151 was published May 24, 2022

The api/ZRIptv/setIptvInfo interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote...
Critical | Unreviewed | CVE-2021-30233 was published May 24, 2022

A remote unauthorized access vulnerability was discovered in Aruba AirWave Management Platform...
High | Unreviewed | CVE-2021-25167 was published May 24, 2022

The api/ZRIGMP/set_IGMP_PROXY interface in China Mobile An Lianbao WF-1 router 1.0.1 allows...
Critical | Unreviewed | CVE-2021-30232 was published May 24, 2022

The api/zrDm/set_zrDm interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote...
High | Unreviewed | CVE-2021-30229 was published May 24, 2022

The api/ZRFirmware/set_time_zone interface in China Mobile An Lianbao WF-1 router 1.0.1 allows...
Critical | Unreviewed | CVE-2021-30230 was published May 24, 2022

An OS command injection vulnerability in the installUpdateThemePluginAction function in index.php...
Critical | Unreviewed | CVE-2020-35314 was published May 24, 2022

Command Injection in TOTOLINK X5000R router with firmware v9.1.0u.6118_B20201102, and TOTOLINK...
Critical | Unreviewed | CVE-2021-27710 was published May 24, 2022

Unibox U-50 2.4 and UniBox Enterprise Series 2.4 and UniBox Campus Series 2.4 contain a OS...
High | Unreviewed | CVE-2020-21883 was published May 24, 2022

An issue was discovered on Enphase Envoy R3.x and D4.x (and other current) devices. The...
High | Unreviewed | CVE-2020-25755 was published May 24, 2022

A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant...
High | Unreviewed | CVE-2020-24635 was published May 24, 2022

WSR-1166DHP3 firmware Ver.1.16 and prior and WSR-1166DHP4 firmware Ver.1.02 and prior allow an...
High | Unreviewed | CVE-2021-20731 was published May 24, 2022

Vembu BDR Suite before 4.2.0 allows Unauthenticated Remote Code Execution by placing a command in...
Critical | Unreviewed | CVE-2021-26472 was published May 24, 2022

Command injection in mail agent settings
High | CVE-2021-37708 was published for shopware/core (Composer) Aug 30, 2021

A post-authenticated command injection vulnerability in SonicWall SMA100 allows an authenticated...
High | Unreviewed | CVE-2021-20017 was published May 24, 2022

OS command injection vulnerability in Nintendo Wi-Fi Network Adaptor WAP-001 All versions allows...
High | Unreviewed | CVE-2022-36381 was published Aug 17, 2022

SmartFabric storage software version 1.0.0 contains a Command-Injection vulnerability. A remote...
Critical | Unreviewed | CVE-2022-31232 was published Aug 31, 2022

Multiple vulnerabilities in Cisco DNA Spaces Connector could allow an authenticated, remote...
High | Unreviewed | CVE-2021-1560 was published May 24, 2022