GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,267 advisories
Command Injection in PPGo_Jobs v2.8.0 allows remote attackers to execute arbitrary code via the ...
Critical
Unreviewed
CVE-2020-26772 was published May 24, 2022
Zoho ManageEngine ADSelfService Plus through 6102 allows unauthenticated remote code execution in...
Critical
Unreviewed
CVE-2021-33055 was published May 24, 2022
From Apache NiFi MiNiFi C++ version 0.5.0 the c2 protocol implements an "agent-update" command...
Critical
Unreviewed
CVE-2021-33191 was published May 24, 2022
Network Attached Storage on LG N1T1*** 10124 devices allows an unauthenticated attacker to gain...
Critical
Unreviewed
CVE-2021-38306 was published May 24, 2022
Realtek Jungle SDK version v2.x up to v3.4.14B provides a diagnostic tool called 'MP Daemon' that...
Critical
Unreviewed
CVE-2021-35394 was published May 24, 2022
Quectel EG25-G devices through 202006130814 allow executing arbitrary code remotely by using an...
Critical
Unreviewed
CVE-2021-31698 was published May 24, 2022
Nagios XI Switch Wizard before version 2.5.7 is vulnerable to remote code execution through...
Critical
Unreviewed
CVE-2021-37344 was published May 24, 2022
Nagios XI WatchGuard Wizard before version 1.4.8 is vulnerable to remote code execution through...
Critical
Unreviewed
CVE-2021-37346 was published May 24, 2022
Sunhillo SureLine before 8.7.0.1.1 allows Unauthenticated OS Command Injection via shell...
Critical
Unreviewed
CVE-2021-36380 was published May 24, 2022
rConfig 3.9.5 allows command injection by sending a crafted GET request to lib/ajaxHandlers...
Critical
Unreviewed
CVE-2020-23151 was published May 24, 2022
An OS Command Injection vulnerability exists in the ping.php script functionality of Advantech R...
Critical
Unreviewed
CVE-2021-21805 was published May 24, 2022
eQ-3 HomeMatic CCU2 2.57.5 and CCU3 3.57.5 devices allow remote code execution.
Critical
Unreviewed
CVE-2021-33032 was published May 24, 2022
The restricted shell provided by Akkadian Provisioning Manager Engine (PME) can be bypassed by...
Critical
Unreviewed
CVE-2021-31580 was published May 24, 2022
A command injection vulnerability in HNAP1/SetWLanApcliSettings of Motorola CX2 router CX 1.0.2...
Critical
Unreviewed
CVE-2020-21937 was published May 24, 2022
A command injection vulnerability in HNAP1/GetNetworkTomographySettings of Motorola CX2 router CX...
Critical
Unreviewed
CVE-2020-21935 was published May 24, 2022
Dell EMC OpenManage Enterprise-Modular (OME-M) versions prior to 1.10.00 contain a command...
Critical
Unreviewed
CVE-2020-5322 was published May 24, 2022
QsanTorture in QSAN Storage Manager does not filter special parameters properly that allows...
Critical
Unreviewed
CVE-2021-32513 was published May 24, 2022
QuickInstall in QSAN Storage Manager does not filter special parameters properly that allows...
Critical
Unreviewed
CVE-2021-32512 was published May 24, 2022
Command injection vulnerability in QSAN Storage Manager allows remote privileged users to execute...
Critical
Unreviewed
CVE-2021-32524 was published May 24, 2022
OS command injection vulnerability in Init function in QSAN XEVO allows remote attackers to...
Critical
Unreviewed
CVE-2021-32531 was published May 24, 2022
The QSAN SANOS setting page does not filter special parameters. Remote attackers can use this...
Critical
Unreviewed
CVE-2021-32533 was published May 24, 2022
OS command injection vulnerability in Array function in QSAN XEVO allows remote unauthenticated...
Critical
Unreviewed
CVE-2021-32530 was published May 24, 2022
QSAN SANOS factory reset function does not filter special parameters. Remote attackers can use...
Critical
Unreviewed
CVE-2021-32534 was published May 24, 2022
Command injection vulnerabilities have been reported to affect QTS and QuTS hero. If exploited,...
Critical
Unreviewed
CVE-2021-28802 was published May 24, 2022
Command injection vulnerabilities have been reported to affect QTS and QuTS hero. If exploited,...
Critical
Unreviewed
CVE-2021-28804 was published May 24, 2022