GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,992
Erlang
39
GitHub Actions
38
Go
2,634
Maven
5,000+
npm
4,258
NuGet
760
pip
4,051
Pub
12
RubyGems
955
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+
4,099 advisories
Filter by severity
OS Command Injection in diskusage-ng
Critical
CVE-2020-7631
was published
for
diskusage-ng
(npm)
Jan 7, 2022
OS Command Injection in node-mpv
Critical
CVE-2020-7632
was published
for
node-mpv
(npm)
Jan 7, 2022
An authenticated user can execute arbitrary command in Gerapy
High
CVE-2021-32849
was published
for
gerapy
(pip)
Jan 6, 2022
OS Command Injection in Laravel Framework
High
CVE-2020-19316
was published
for
laravel/framework
(Composer)
Jan 6, 2022
Gerapy may cause remote code execution
Critical
CVE-2021-43857
was published
for
gerapy
(pip)
Jan 6, 2022
A vulnerability in the 'libsal.so' of the Zyxel GS1900 series firmware version 2.60 could allow...
High
Unreviewed
CVE-2021-35032
was published
Dec 29, 2021
A vulnerability in the TFTP client of Zyxel GS1900 series firmware, XGS1210 series firmware, and...
High
Unreviewed
CVE-2021-35031
was published
Dec 29, 2021
TP-Link wifi router TL-WR802N V4(JP), with firmware version prior to 211202, is vulnerable to OS...
High
Unreviewed
CVE-2021-4144
was published
Dec 24, 2021
mySCADA myPRO: Versions 8.20.0 and prior has a feature where the API password can be specified,...
Critical
Unreviewed
CVE-2021-22657
was published
Dec 24, 2021
mySCADA myPRO: Versions 8.20.0 and prior has a feature where the password can be specified, which...
Critical
Unreviewed
CVE-2021-23198
was published
Dec 24, 2021
A server side remote code execution vulnerability was found in Foreman project. A authenticated...
High
Unreviewed
CVE-2021-3584
was published
Dec 24, 2021
mySCADA myPRO: Versions 8.20.0 and prior has a feature where the firmware can be updated, which...
Critical
Unreviewed
CVE-2021-43984
was published
Dec 24, 2021
mySCADA myPRO: Versions 8.20.0 and prior has a feature to send emails, which may allow an...
Critical
Unreviewed
CVE-2021-43981
was published
Dec 24, 2021
mySCADA myPRO: Versions 8.20.0 and prior has a vulnerable debug interface which includes a ping...
Critical
Unreviewed
CVE-2021-44453
was published
Dec 24, 2021
A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via...
High
Unreviewed
CVE-2021-3621
was published
Dec 24, 2021
A specially-crafted HTTP request can lead to arbitrary command execution in RSA keypasswd...
Critical
Unreviewed
CVE-2021-21873
was published
Dec 23, 2021
An OS command injection vulnerability exists in the Web Manager Diagnostics: Traceroute...
Critical
Unreviewed
CVE-2021-21872
was published
Dec 23, 2021
A specially-crafted HTTP request can lead to arbitrary command execution in DSA keypasswd...
Critical
Unreviewed
CVE-2021-21874
was published
Dec 23, 2021
A specially-crafted HTTP request can lead to arbitrary command execution in EC keypasswd...
Critical
Unreviewed
CVE-2021-21875
was published
Dec 23, 2021
Specially-crafted HTTP requests can lead to arbitrary command execution in PUT requests. An...
Critical
Unreviewed
CVE-2021-21876
was published
Dec 23, 2021
Specially-crafted HTTP requests can lead to arbitrary command execution in “GET” requests. An...
Critical
Unreviewed
CVE-2021-21877
was published
Dec 23, 2021
An OS command injection vulnerability exists in the Web Manager Wireless Network Scanner...
Critical
Unreviewed
CVE-2021-21881
was published
Dec 23, 2021
An OS command injection vulnerability exists in the Web Manager FsUnmount functionality of...
High
Unreviewed
CVE-2021-21882
was published
Dec 23, 2021
An OS command injection vulnerability exists in the Web Manager SslGenerateCSR functionality of...
Critical
Unreviewed
CVE-2021-21884
was published
Dec 23, 2021
ProTip!
Advisories are also available from the
GraphQL API