GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,645
Maven: 5,000+
npm: 4,271
NuGet: 760
pip: 4,065
Pub: 12
RubyGems: 957
Rust: 1,057
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
4,104 advisories
Genexis PLATINUM 4410 2.1 P4410-V2-1.28 devices allow remote attackers to execute arbitrary code...
Critical | Unreviewed | CVE-2021-29003 was published May 24, 2022

PowerScale OneFS 8.1.2, 8.2.2 and 9.1.0 contains an improper input sanitization issue in a command...
High | Unreviewed | CVE-2021-21503 was published May 24, 2022

In Carlo Gavazzi UWP3.0 in multiple versions and CPY Car Park Server in Version 2.8.3 a remote,...
Critical | Unreviewed | CVE-2022-28811 was published Sep 29, 2022

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected...
High | Unreviewed | CVE-2021-27256 was published May 24, 2022

OS command injection vulnerability in Jenkins Play Framework Plugin
High | CVE-2020-2200 was published for org.jenkins-ci.plugins:play-autotest-plugin (Maven) May 24, 2022

EPrints 3.4.2 allows remote attackers to read arbitrary files and possibly execute commands via...
Critical | Unreviewed | CVE-2021-3342 was published May 24, 2022

USVN (aka User-friendly SVN) before 1.0.9 allows remote code execution via shell metacharacters...
Critical | Unreviewed | CVE-2020-17363 was published May 24, 2022

OS Command Injection vulnerability when changing date settings or hostname using web GUI of...
High | Unreviewed | CVE-2021-26724 was published May 24, 2022

Racom's MIDGE Firmware 4.4.40.105 contains an issue that allows users to escape the provided...
High | Unreviewed | CVE-2021-20074 was published May 24, 2022

ELECOM WRC-300FEBK-S allows an attacker with administrator rights to execute arbitrary OS...
High | Unreviewed | CVE-2021-20648 was published May 24, 2022

LOGITEC LAN-W300N/PGRB allows an attacker with administrative privilege to execute arbitrary OS...
High | Unreviewed | CVE-2021-20638 was published May 24, 2022

This vulnerability allows network-adjacent attackers to execute arbitrary code on affected...
High | Unreviewed | CVE-2020-27861 was published May 24, 2022

Dell EMC PowerScale OneFS versions 8.1.0 - 9.1.0 contain an improper input validation...
High | Unreviewed | CVE-2020-26193 was published May 24, 2022

LUCY Security Awareness Software through 4.7.x allows unauthenticated remote code execution...
Critical | Unreviewed | CVE-2021-28132 was published May 24, 2022

A vulnerability in a CLI command of Cisco IOS XR Software for the Cisco 8000 Series Routers and...
High | Unreviewed | CVE-2021-1370 was published May 24, 2022

rakibtg Docker Dashboard before 2021-02-28 allows command injection in backend/utilities/terminal...
Critical | Unreviewed | CVE-2021-27886 was published May 24, 2022

EPrints 3.4.2 allows remote attackers to execute OS commands via crafted LaTeX input to a cgi/cal...
Critical | Unreviewed | CVE-2021-26476 was published May 24, 2022

Pepperl+Fuchs Comtrol IO-Link Master in Version 1.5.48 and below is prone to an authenticated...
High | Unreviewed | CVE-2020-12513 was published May 24, 2022

An OS command injection vulnerability in FortiDeceptor 3.1.0, 3.0.1, 3.0.0 may allow a remote...
High | Unreviewed | CVE-2020-29017 was published May 24, 2022

DELL EMC Avamar Server, versions 19.1, 19.2, 19.3, contain an OS Command Injection Vulnerability...
Critical | Unreviewed | CVE-2020-29495 was published May 24, 2022

A command injection vulnerability in ModifyVLANItem of Trend Micro InterScan Web Security Virtual...
High | Unreviewed | CVE-2020-28581 was published May 24, 2022

An issue was discovered in the Manage Plugins page in Nagios XI before 5.8.0. Because the line...
High | Unreviewed | CVE-2020-35578 was published May 24, 2022

Multiple vulnerabilities in Cisco Jabber for Windows, Jabber for MacOS, and Jabber for mobile...
Critical | Unreviewed | CVE-2020-26085 was published May 24, 2022

CMCAgent in NCR Command Center Agent 16.3 on Aloha POS/BOH servers permits the submission of a...
Critical | Unreviewed | CVE-2021-3122 was published May 24, 2022

The Patient Portal of OpenEMR 5.0.2.1 is affected by a Command Injection vulnerability in ...
High | Unreviewed | CVE-2020-36243 was published May 24, 2022