Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,267 advisories

Loading
An issue was discovered in D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used... Critical Unreviewed
CVE-2021-27113 was published May 24, 2022
Genexis PLATINUM 4410 2.1 P4410-V2-1.28 devices allow remote attackers to execute arbitrary code... Critical Unreviewed
CVE-2021-29003 was published May 24, 2022
An exploitable unatuhenticated command injection exists in the OpenClinic GA 5.173.3. Specially... Critical Unreviewed
CVE-2020-27227 was published May 24, 2022
Multiple vulnerabilities exist in the web-based management interface of Cisco Small Business RV... Critical Unreviewed
CVE-2021-1473 was published May 24, 2022
HNAP1/control/SetMasterWLanSettings.php in D-Link D-Link Router DIR-846 DIR-846 A1_100.26 allows... Critical Unreviewed
CVE-2020-27600 was published May 24, 2022
A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant... Critical Unreviewed
CVE-2020-24636 was published May 24, 2022
In Apache SpamAssassin before 3.4.5, malicious rule configuration (.cf) files can be configured... Critical Unreviewed
CVE-2020-1946 was published May 24, 2022
LUCY Security Awareness Software through 4.7.x allows unauthenticated remote code execution... Critical Unreviewed
CVE-2021-28132 was published May 24, 2022
rakibtg Docker Dashboard before 2021-02-28 allows command injection in backend/utilities/terminal... Critical Unreviewed
CVE-2021-27886 was published May 24, 2022
EPrints 3.4.2 allows remote attackers to read arbitrary files and possibly execute commands via... Critical Unreviewed
CVE-2021-3342 was published May 24, 2022
EPrints 3.4.2 allows remote attackers to execute OS commands via crafted LaTeX input to a cgi/cal... Critical Unreviewed
CVE-2021-26476 was published May 24, 2022
SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an attacker to execute arbitrary OS... Critical Unreviewed
CVE-2021-20658 was published May 24, 2022
OpenRepeater (ORP) before 2.2 allows unauthenticated command injection via shell metacharacters... Critical Unreviewed
CVE-2019-25024 was published May 24, 2022
Netis WF2780 2.3.40404 and WF2411 1.1.29629 devices allow Shell Metacharacter Injection into the... Critical Unreviewed
CVE-2021-26747 was published May 24, 2022
Accellion FTA 9_12_370 and earlier is affected by OS command execution via a crafted POST request... Critical Unreviewed
CVE-2021-27104 was published May 24, 2022
Magento OS Command Injection Critical
CVE-2021-21018 was published for magento/community-edition (Composer) May 24, 2022
Magento OS command injection via the WebAPI Critical
CVE-2021-21016 was published for magento/community-edition (Composer) May 24, 2022
Remote Code execution vulnerability in Micro Focus Operation Bridge Reporter (OBR) product,... Critical Unreviewed
CVE-2021-22502 was published May 24, 2022
An issue was discovered in Svakom Siime Eye 14.1.00000001.3.330.0.0.3.14. A command injection... Critical Unreviewed
CVE-2020-11920 was published May 24, 2022
CMCAgent in NCR Command Center Agent 16.3 on Aloha POS/BOH servers permits the submission of a... Critical Unreviewed
CVE-2021-3122 was published May 24, 2022
The vulnerability have been reported to affect earlier versions of QTS. If exploited, this... Critical Unreviewed
CVE-2020-2507 was published May 24, 2022
D-Link DNS-320 FW v2.06B01 Revision Ax is affected by command injection in the system_mgr.cgi... Critical Unreviewed
CVE-2020-25506 was published May 24, 2022
TerraMaster TOS before 4.1.29 has Invalid Parameter Checking that leads to code injection as root... Critical Unreviewed
CVE-2020-15568 was published May 24, 2022
Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an... Critical Unreviewed
CVE-2021-1142 was published May 24, 2022
Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an... Critical Unreviewed
CVE-2021-1138 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database