Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,956
Erlang
29
GitHub Actions
16
Go
1,740
Maven
4,967
npm
3,507
NuGet
609
pip
3,064
Pub
10
RubyGems
832
Rust
780
Swift
34
Unreviewed advisories
All unreviewed
5,000+

211 advisories

Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... Moderate Unreviewed
CVE-2021-45554 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... Moderate Unreviewed
CVE-2021-45549 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... Moderate Unreviewed
CVE-2021-45550 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... Moderate Unreviewed
CVE-2021-45545 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... Moderate Unreviewed
CVE-2021-45543 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... Moderate Unreviewed
CVE-2021-45542 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... Moderate Unreviewed
CVE-2021-45538 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... Moderate Unreviewed
CVE-2021-45539 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an authenticated user . This affects... Moderate Unreviewed
CVE-2021-45537 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... Moderate Unreviewed
CVE-2021-45536 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... Moderate Unreviewed
CVE-2021-45535 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... Moderate Unreviewed
CVE-2021-45533 was published Dec 27, 2021
Command Injection in Apache James Moderate
CVE-2021-38542 was published for org.apache.james:james-server (Maven) Jan 8, 2022
Command Injection in Apache Kylin Moderate
CVE-2021-45456 was published for org.apache.kylin:kylin (Maven) Jan 8, 2022
Command injection in strapi Moderate
CVE-2022-0764 was published for strapi (npm) Feb 27, 2022
A Denial of Service vulnerability exists in jhead 3.04 and 3.05 due to a wild address read in the... Moderate Unreviewed
CVE-2021-28275 was published Mar 24, 2022
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability... Moderate Unreviewed
CVE-2022-25619 was published Mar 31, 2022
An exploitable vulnerability exists in the WiFi Channel parsing of Circle with Disney running... Moderate Unreviewed
CVE-2017-12094 was published May 13, 2022
The STARTTLS implementation in mail/ngx_mail_smtp_handler.c in the SMTP proxy in nginx 1.5.x and... Moderate Unreviewed
CVE-2014-3556 was published May 13, 2022
An attacker could inject commands to delete files and/or delete the contents of a file on CX... Moderate Unreviewed
CVE-2018-19013 was published May 13, 2022
A vulnerability in the CLI of Cisco Firepower Extensible Operating System (FXOS) and NX-OS System... Moderate Unreviewed
CVE-2017-12329 was published May 13, 2022
A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local... Moderate Unreviewed
CVE-2017-12330 was published May 13, 2022
A vulnerability in the CLI of Cisco NX-OS System Software could allow an authenticated, local... Moderate Unreviewed
CVE-2017-12335 was published May 13, 2022
A command injection vulnerability exists in the Microsoft Wireless Display Adapter (MWDA) when... Moderate Unreviewed
CVE-2018-8306 was published May 13, 2022
Puppet Arbitrary Command Execution Moderate
CVE-2012-1988 was published for puppet (RubyGems) May 14, 2022
ProTip! Advisories are also available from the GraphQL API