Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,968
Erlang
29
GitHub Actions
16
Go
1,749
Maven
4,978
npm
3,509
NuGet
609
pip
3,084
Pub
10
RubyGems
832
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

791 advisories

Loading
An exploitable command injection vulnerability exists in the web management interface used by the... High Unreviewed
CVE-2017-2833 was published May 13, 2022
The BeanShell components of IRISNext through 9.8.28 allow execution of arbitrary commands on the... High Unreviewed
CVE-2022-26111 was published Apr 26, 2022
SolarWinds Platform was susceptible to Command Injection. This vulnerability allows a remote... High Unreviewed
CVE-2022-36962 was published Nov 29, 2022
A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy... High Unreviewed
CVE-2021-26684 was published May 24, 2022
A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy... High Unreviewed
CVE-2021-26683 was published May 24, 2022
A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy... High Unreviewed
CVE-2021-26680 was published May 24, 2022
A remote authenticated command Injection vulnerability was discovered in Aruba ClearPass Policy... High Unreviewed
CVE-2021-26681 was published May 24, 2022
vSphere Replication 8.3.x prior to 8.3.1.2, 8.2.x prior to 8.2.1.1, 8.1.x prior to 8.1.2.3 and 6... High Unreviewed
CVE-2021-21976 was published May 24, 2022
A remote unauthorized access vulnerability was discovered in Aruba AirWave Management Platform... High Unreviewed
CVE-2021-25166 was published May 24, 2022
Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability High Unreviewed
CVE-2021-28455 was published May 24, 2022
Skype for Business and Lync Remote Code Execution Vulnerability High Unreviewed
CVE-2021-26422 was published May 24, 2022
prog.cgi on D-Link DIR-3060 devices before 1.11b04 HF2 allows remote authenticated users to... High Unreviewed
CVE-2021-28144 was published May 24, 2022
** DISPUTED ** MikroTik RouterOS 6.47.9 allows remote authenticated ftp users to create or... High Unreviewed
CVE-2021-27221 was published May 24, 2022
A command Injection Vulnerability in McAfee Agent (MA) for Windows prior to 5.7.5 allows local... High Unreviewed
CVE-2021-31854 was published Jan 20, 2022
A command injection on the /admin/broadcast.php script of Invigo Automatic Device Management (ADM... High Unreviewed
CVE-2020-10580 was published May 24, 2022
An issue was discovered on Libre Wireless LS9 LS1.5/p7040 devices. There is a luci_service Read_... High Unreviewed
CVE-2020-35755 was published May 24, 2022
Visual Studio Code Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31211. High Unreviewed
CVE-2021-31214 was published May 24, 2022
Grandstream GRP261x VoIP phone running firmware version 1.0.3.6 (Base) allows Command Injection... High Unreviewed
CVE-2020-25217 was published May 24, 2022
Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to a denial of... High Unreviewed
CVE-2021-29703 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W,... High Unreviewed
CVE-2021-1148 was published May 24, 2022
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy... High Unreviewed
CVE-2021-34611 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W,... High Unreviewed
CVE-2021-1149 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016,... High Unreviewed
CVE-2021-1317 was published May 24, 2022
AVE DOMINAplus <=1.10.x suffers from an unauthenticated reboot command execution. Attackers can... High Unreviewed
CVE-2020-21996 was published May 24, 2022
KLog Server through 2.4.1 allows authenticated command injection. async.php calls shell_exec() on... High Unreviewed
CVE-2021-3317 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API