GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,603
Composer 5,006
Erlang 39
GitHub Actions 38
Go 2,636
Maven 6,104
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,616

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,267 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A command injection vulnerability in MVISION EDR (MVEDR) prior to 3.4.0 allows an authenticated... Critical Unreviewed

CVE-2021-31838 was published May 24, 2022

A command injection vulnerability has been reported to affect QNAP NAS running legacy versions of... Critical Unreviewed

CVE-2021-28800 was published May 24, 2022

SGE-PLC1000 device, in its 0.9.2b firmware version, does not handle some requests correctly,... Critical Unreviewed

CVE-2021-33841 was published May 24, 2022

A vulnerability exists in RaspAP 2.6 to 2.6.5 in the "iface" GET parameter in /ajax/networking... Critical Unreviewed

CVE-2021-33357 was published May 24, 2022

Vembu BDR Suite before 4.2.0 allows Unauthenticated Remote Code Execution by placing a command in... Critical Unreviewed

CVE-2021-26472 was published May 24, 2022

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker via the... Critical Unreviewed

CVE-2021-33514 was published May 24, 2022

WebSVN before 2.6.1 allows remote attackers to execute arbitrary commands via shell... Critical Unreviewed

CVE-2021-32305 was published May 24, 2022

The unprivileged user portal part of CentOS Web Panel is affected by a Command Injection... Critical Unreviewed

CVE-2021-31324 was published May 24, 2022

zzzcms zzzphp before 2.0.4 allows remote attackers to execute arbitrary OS commands by placing... Critical Unreviewed

CVE-2021-32605 was published May 24, 2022

In JetBrains TeamCity before 2020.2.4, OS command injection leading to remote code execution was... Critical Unreviewed

CVE-2021-31915 was published May 24, 2022

Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow... Critical Unreviewed

CVE-2021-1498 was published May 24, 2022

Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow... Critical Unreviewed

CVE-2021-1497 was published May 24, 2022

The api/ZRIGMP/set_MLD_PROXY interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote... Critical Unreviewed

CVE-2021-30234 was published May 24, 2022

The api/ZRAndlink/set_ZRAndlink interface in China Mobile An Lianbao WF-1 router 1.0.1 allows... Critical Unreviewed

CVE-2021-30228 was published May 24, 2022

The api/ZRIptv/setIptvInfo interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote... Critical Unreviewed

CVE-2021-30233 was published May 24, 2022

The api/ZRFirmware/set_time_zone interface in China Mobile An Lianbao WF-1 router 1.0.1 allows... Critical Unreviewed

CVE-2021-30230 was published May 24, 2022

The api/zrDm/set_ZRElink interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote... Critical Unreviewed

CVE-2021-30231 was published May 24, 2022

The api/ZRIGMP/set_IGMP_PROXY interface in China Mobile An Lianbao WF-1 router 1.0.1 allows... Critical Unreviewed

CVE-2021-30232 was published May 24, 2022

An input validation flaw in the Symantec Security Analytics web UI 7.2 prior 7.2.7, 8.1, prior to... Critical Unreviewed

CVE-2021-30642 was published May 24, 2022

Aterm WG2600HS firmware Ver1.5.1 and earlier allows an attacker to execute arbitrary OS commands... Critical Unreviewed

CVE-2021-20711 was published May 24, 2022

An OS command injection vulnerability in the installUpdateThemePluginAction function in index.php... Critical Unreviewed

CVE-2020-35314 was published May 24, 2022

Command Injection in Tenda G0 routers with firmware versions v15.11.0.6(9039)_CN and v15.11.0.5... Critical Unreviewed

CVE-2021-27691 was published May 24, 2022

Command Injection in Tenda G1 and G3 routers with firmware versions v15.11.0.17(9502)_CN or v15... Critical Unreviewed

CVE-2021-27692 was published May 24, 2022

Command Injection in TOTOLINK X5000R router with firmware v9.1.0u.6118_B20201102, and TOTOLINK... Critical Unreviewed

CVE-2021-27710 was published May 24, 2022

Command Injection in TOTOLINK X5000R router with firmware v9.1.0u.6118_B20201102, and TOTOLINK... Critical Unreviewed

CVE-2021-27708 was published May 24, 2022

Previous 1…31…51 Next

Previous 1 2 … 29 30 31 32 33 … 50 51 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,267 advisories