Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

4,100 advisories

Loading
A improper neutralization of special elements used in an os command ('os command injection') in... High Unreviewed
CVE-2021-43073 was published Feb 8, 2022
D-Link devices DIR_878 DIR_878_FW1.30B08_Hotfix_02 and DIR_882 DIR_882_FW1.30B06_Hotfix_02 were... Critical Unreviewed
CVE-2021-44880 was published Feb 8, 2022
D-Link device DIR_878_FW1.30B08_Hotfix_02 was discovered to contain a command injection... Critical Unreviewed
CVE-2021-44882 was published Feb 8, 2022
D-Link device DIR_882 DIR_882_FW1.30B06_Hotfix_02 was discovered to contain a command injection... Critical Unreviewed
CVE-2021-44881 was published Feb 8, 2022
Improper neutralization of special elements used in an OS command ('OS Command Injection')... High Unreviewed
CVE-2021-43928 was published Feb 8, 2022
A improper neutralization of special elements used in an os command ('os command injection') in... High Unreviewed
CVE-2021-41018 was published Feb 3, 2022
Liferay Portal Server tested on 7.3.5 GA6, 7.2.0 GA1 is affected by OS Command Injection. An... High Unreviewed
CVE-2020-28885 was published Jan 29, 2022
Liferay Portal Server tested on 7.3.5 GA6, 7.2.0 GA1 is affected by OS Command Injection. An... High Unreviewed
CVE-2020-28884 was published Jan 29, 2022
An OS command injection vulnerability exists in the device network settings functionality of... High Unreviewed
CVE-2021-40411 was published Jan 29, 2022
An OS command injection vulnerability exists in the device network settings functionality of... Critical Unreviewed
CVE-2021-40408 was published Jan 29, 2022
An OS command injection vulnerability exists in the device network settings functionality of... Critical Unreviewed
CVE-2021-40409 was published Jan 29, 2022
An OS command injection vulnerability exists in the device network settings functionality of... Critical Unreviewed
CVE-2021-40407 was published Jan 29, 2022
An OS command injection vulnerability exists in the device network settings functionality of... High Unreviewed
CVE-2021-40410 was published Jan 29, 2022
An OScommand injection vulnerability exists in the device network settings functionality of... High Unreviewed
CVE-2021-40412 was published Jan 29, 2022
Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain an authenticated remote code... High Unreviewed
CVE-2021-36295 was published Jan 27, 2022
Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain an authenticated remote code... High Unreviewed
CVE-2021-36296 was published Jan 27, 2022
Improper sanitization in the invocation of ODA File Converter from FreeCAD 0.19 allows an... High Unreviewed
CVE-2021-45844 was published Jan 26, 2022
The Path Sanity Check script of FreeCAD 0.19 is vulnerable to OS command injection, allowing an... High Unreviewed
CVE-2021-45845 was published Jan 26, 2022
Dell EMC Unity, Dell EMC UnityVSA and Dell EMC Unity XT versions prior to 5.1.2.0.5.007 contain... High Unreviewed
CVE-2021-43589 was published Jan 25, 2022
Improper Neutralization of Argument Delimiters in a Decompiling Package Process in APKLeaks Critical
CVE-2021-21386 was published for APKLeaks (pip) Jan 21, 2022
Ry0taK
Credited to Ry0taK
A command Injection Vulnerability in McAfee Agent (MA) for Windows prior to 5.7.5 allows local... High Unreviewed
CVE-2021-31854 was published Jan 20, 2022
IBM FileNet Content Manager 5.5.4, 5.5.6, and 5.5.7 could allow a remote authenticated attacker... High Unreviewed
CVE-2021-38965 was published Jan 18, 2022
The files_antivirus component before 1.0.0 for ownCloud allows OS Command Injection via the... High Unreviewed
CVE-2021-33827 was published Jan 16, 2022
China Mobile An Lianbao WF-1 router v1.0.1 is affected by an OS command injection vulnerability... Critical Unreviewed
CVE-2021-33962 was published Jan 15, 2022
OS command execution vulnerability in Jenkins Docker Commons Plugin High
CVE-2022-20617 was published for org.jenkins-ci.plugins:docker-commons (Maven) Jan 13, 2022
westonsteimel
Credited to westonsteimel
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database