GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,600
Composer 5,005
Erlang 39
GitHub Actions 38
Go 2,635
Maven 6,103
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,396

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,071 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Btrbk before 0.31.2 allows command execution because of the mishandling of remote hosts filtering... Critical Unreviewed

CVE-2021-38173 was published May 24, 2022

In ProLink PRC2402M V1.0.18 and older, the set_TR069 function in the adm.cgi binary, accessible... Critical Unreviewed

CVE-2021-36705 was published May 24, 2022

In ProLink PRC2402M V1.0.18 and older, the set_sys_cmd function in the adm.cgi binary, accessible... Critical Unreviewed

CVE-2021-36706 was published May 24, 2022

In ProLink PRC2402M V1.0.18 and older, the set_ledonoff function in the adm.cgi binary,... Critical Unreviewed

CVE-2021-36707 was published May 24, 2022

The unofficial vscode-phpmd (aka PHP Mess Detector) extension before 1.3.0 for Visual Studio Code... Critical Unreviewed

CVE-2021-30124 was published May 24, 2022

An command injection vulnerability in HNAP1/SetWLanApcliSettings of Motorola CX2 router CX 1.0.2... Critical Unreviewed

CVE-2020-21937 was published May 24, 2022

A command injection vulnerability in HNAP1/GetNetworkTomographySettings of Motorola CX2 router CX... Critical Unreviewed

CVE-2020-21935 was published May 24, 2022

Command injection vulnerability in QSAN XEVO, SANOS allows remote unauthenticated attackers to... Critical Unreviewed

CVE-2021-32529 was published May 24, 2022

A command injection vulnerability in MVISION EDR (MVEDR) prior to 3.4.0 allows an authenticated... Critical Unreviewed

CVE-2021-31838 was published May 24, 2022

Sharp NEC Displays (UN462A R1.300 and prior to it, UN462VA R1.300 and prior to it, UN492S R1.300... Critical Unreviewed

CVE-2021-20698 was published May 24, 2022

Sharp NEC Displays (UN462A R1.300 and prior to it, UN462VA R1.300 and prior to it, UN492S R1.300... Critical Unreviewed

CVE-2021-20699 was published May 24, 2022

In Versa Director, the command injection is an attack in which the goal is execution of arbitrary... Critical Unreviewed

CVE-2019-25029 was published May 24, 2022

Command Injection in Nagios Fusion 4.1.8 and earlier allows for Privilege Escalation or Code... Critical Unreviewed

CVE-2020-28901 was published May 24, 2022

Command Injection in Nagios Fusion 4.1.8 and earlier allows for Privilege Escalation to nagios. Critical Unreviewed

CVE-2020-28908 was published May 24, 2022

Command Injection in Nagios Fusion 4.1.8 and earlier allows Privilege Escalation from apache to... Critical Unreviewed

CVE-2020-28902 was published May 24, 2022

In the pg_partman (aka PG Partition Manager) extension before 4.5.1 for PostgreSQL, arbitrary... Critical Unreviewed

CVE-2021-33204 was published May 24, 2022

In Pluck-4.7.10-dev2 admin background, a remote command execution vulnerability exists when... Critical Unreviewed

CVE-2020-20951 was published May 24, 2022

The unprivileged user portal part of CentOS Web Panel is affected by a Command Injection... Critical Unreviewed

CVE-2021-31324 was published May 24, 2022

VMware vRealize Business for Cloud 7.x prior to 7.6.0 contains a remote code execution... Critical Unreviewed

CVE-2021-21984 was published May 24, 2022

Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow... Critical Unreviewed

CVE-2021-1498 was published May 24, 2022

IBM QRadar SIEM 7.3 and 7.4 is vulnerable to insecure inter-deployment communication. An attacker... Critical Unreviewed

CVE-2020-4979 was published May 24, 2022

Command injection vulnerability in China Mobile An Lianbao WF-1 1.01 via the 'ip' parameter with... Critical Unreviewed

CVE-2021-25812 was published May 24, 2022

The api/ZRIGMP/set_MLD_PROXY interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote... Critical Unreviewed

CVE-2021-30234 was published May 24, 2022

The api/ZRAndlink/set_ZRAndlink interface in China Mobile An Lianbao WF-1 router 1.0.1 allows... Critical Unreviewed

CVE-2021-30228 was published May 24, 2022

The api/ZRIptv/setIptvInfo interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote... Critical Unreviewed

CVE-2021-30233 was published May 24, 2022

Previous 1…28…43 Next

Previous 1 2 … 26 27 28 29 30 … 42 43 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,071 advisories