GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,600
Composer 5,005
Erlang 39
GitHub Actions 38
Go 2,635
Maven 6,103
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,394

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,071 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The api/ZRFirmware/set_time_zone interface in China Mobile An Lianbao WF-1 router 1.0.1 allows... Critical Unreviewed

CVE-2021-30230 was published May 24, 2022

The api/zrDm/set_ZRElink interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote... Critical Unreviewed

CVE-2021-30231 was published May 24, 2022

The api/ZRIGMP/set_IGMP_PROXY interface in China Mobile An Lianbao WF-1 router 1.0.1 allows... Critical Unreviewed

CVE-2021-30232 was published May 24, 2022

Akuvox C315 115.116.2613 allows remote command Injection via the cfgd_server service. The attack... Critical Unreviewed

CVE-2021-31726 was published May 24, 2022

A command injection vulnerability has been reported to affect QTS and QuTS hero. If exploited,... Critical Unreviewed

CVE-2020-2509 was published May 24, 2022

An exploitable unatuhenticated command injection exists in the OpenClinic GA 5.173.3. Specially... Critical Unreviewed

CVE-2020-27227 was published May 24, 2022

CONQUEST DICOM SERVER before 1.5.0 has a code execution vulnerability which can be exploited by... Critical Unreviewed

CVE-2020-35308 was published May 24, 2022

A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant... Critical Unreviewed

CVE-2020-24636 was published May 24, 2022

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Critical Unreviewed

CVE-2021-29077 was published May 24, 2022

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Critical Unreviewed

CVE-2021-29078 was published May 24, 2022

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Critical Unreviewed

CVE-2021-29079 was published May 24, 2022

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Critical Unreviewed

CVE-2021-29076 was published May 24, 2022

Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... Critical Unreviewed

CVE-2021-29071 was published May 24, 2022

rakibtg Docker Dashboard before 2021-02-28 allows command injection in backend/utilities/terminal... Critical Unreviewed

CVE-2021-27886 was published May 24, 2022

SaltStack Salt command injection in the Salt-API when using the Salt-SSH client Critical

CVE-2021-3148 was published for salt (pip) May 24, 2022

Wavlink WN575A4 and WN579X3 devices through 2020-05-15 allow unauthenticated remote users to... Critical Unreviewed

CVE-2020-13117 was published May 24, 2022

Bitcoin Core before 0.19.0 might allow remote attackers to execute arbitrary code when another... Critical Unreviewed

CVE-2021-3401 was published May 24, 2022

D-Link DNS-320 FW v2.06B01 Revision Ax is affected by command injection in the system_mgr.cgi... Critical Unreviewed

CVE-2020-25506 was published May 24, 2022

The D-Link DSR-250 (3.14) DSR-1000N (2.11B201) UPnP service contains a command injection... Critical Unreviewed

CVE-2020-18568 was published May 24, 2022

Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an... Critical Unreviewed

CVE-2021-1142 was published May 24, 2022

Barco TransForm NDN-210 Lite, NDN-210 Pro, NDN-211 Lite, and NDN-211 Pro before 3.8 allows... Critical Unreviewed

CVE-2020-17500 was published May 24, 2022

NETGEAR NMS300 devices before 1.6.0.27 are affected by command injection by an unauthenticated... Critical Unreviewed

CVE-2020-35797 was published May 24, 2022

Command Injection in EntoneWebEngine in Amino Communications AK45x series, AK5xx series, AK65x... Critical Unreviewed

CVE-2020-10208 was published May 24, 2022

Green Packet WiMax DV-360 2.10.14-g1.0.6.1 devices allow Command Injection, with unauthenticated... Critical Unreviewed

CVE-2018-14067 was published May 24, 2022

A command injection vulnerability in Trend Micro InterScan Web Security Virtual Appliance 6.5 SP2... Critical Unreviewed

CVE-2020-8466 was published May 24, 2022

Previous 1…29…43 Next

Previous 1 2 … 27 28 29 30 31 … 42 43 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,071 advisories