GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,988
Erlang
29
GitHub Actions
16
Go
1,778
Maven
5,000+
npm
3,542
NuGet
619
pip
3,127
Pub
10
RubyGems
838
Rust
791
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
738 advisories
Filter by severity
D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a command injection...
Critical
Unreviewed
CVE-2021-46226
was published
Feb 9, 2022
D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a command injection...
Critical
Unreviewed
CVE-2021-46228
was published
Feb 9, 2022
D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a command injection...
Critical
Unreviewed
CVE-2021-46227
was published
Feb 9, 2022
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection...
Critical
Unreviewed
CVE-2021-45990
was published
Feb 9, 2022
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection...
Critical
Unreviewed
CVE-2021-45986
was published
Feb 9, 2022
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection...
Critical
Unreviewed
CVE-2021-45987
was published
Feb 9, 2022
StarWind SAN and NAS before 0.2 build 1685 allows remote code execution via a virtual disk...
Critical
Unreviewed
CVE-2022-24552
was published
Feb 12, 2022
A Remote Command Execution (RCE) vulnerability exists in HNAP1/control...
Critical
Unreviewed
CVE-2021-46314
was published
Feb 18, 2022
A Remote Command Execution (RCE) vulnerability exists in all series H/W revisions D-link DIR-810L...
Critical
Unreviewed
CVE-2021-45382
was published
Feb 18, 2022
A Command injection vulnerability exists in Tenda AC10U AC1200 Smart Dual-band Wireless Router...
Critical
Unreviewed
CVE-2021-45401
was published
Feb 19, 2022
A command injection vulnerability in the function meshSlaveUpdate of TOTOLINK Technology routers...
Critical
Unreviewed
CVE-2022-25136
was published
Feb 20, 2022
A command injection vulnerability in the function recvSlaveUpgstatus of TOTOLINK Technology...
Critical
Unreviewed
CVE-2022-25137
was published
Feb 20, 2022
A command injection vulnerability in the function setUpgradeFW of TOTOLINK Technology router T6...
Critical
Unreviewed
CVE-2022-25134
was published
Feb 20, 2022
A command injection vulnerability in the function isAssocPriDevice of TOTOLINK Technology router...
Critical
Unreviewed
CVE-2022-25133
was published
Feb 20, 2022
A command injection vulnerability in the function recv_mesh_info_sync of TOTOLINK Technology...
Critical
Unreviewed
CVE-2022-25135
was published
Feb 20, 2022
A command injection vulnerability in the function meshSlaveDlfw of TOTOLINK Technology router T6...
Critical
Unreviewed
CVE-2022-25132
was published
Feb 20, 2022
A command injection vulnerability in the function recvSlaveCloudCheckStatus of TOTOLINK...
Critical
Unreviewed
CVE-2022-25131
was published
Feb 20, 2022
A command injection vulnerability in the function updateWifiInfo of TOTOLINK Technology routers...
Critical
Unreviewed
CVE-2022-25130
was published
Feb 20, 2022
Honeywell HDZP252DI 1.00.HW02.4 and HBW2PER1 1.000.HW01.3 devices allow a video replay attack...
Critical
Unreviewed
CVE-2021-39363
was published
Feb 25, 2022
Improper Neutralization of audio output from 3rd and 4th Generation Amazon Echo Dot devices...
Critical
Unreviewed
CVE-2022-25809
was published
Feb 25, 2022
TOTOLink A3600R V4.1.2cu.5182_B20201102 was discovered to contain a command injection...
Critical
Unreviewed
CVE-2022-25078
was published
Feb 25, 2022
TOTOLink T6 V5.9c.4085_B20190428 was discovered to contain a command injection vulnerability in...
Critical
Unreviewed
CVE-2022-25084
was published
Feb 25, 2022
TOTOLink A830R V5.9c.4729_B20191112 was discovered to contain a command injection vulnerability...
Critical
Unreviewed
CVE-2022-25080
was published
Feb 25, 2022
TOTOLink A3000RU V5.9c.2280_B20180512 was discovered to contain a command injection vulnerability...
Critical
Unreviewed
CVE-2022-25075
was published
Feb 25, 2022
ProTip!
Advisories are also available from the
GraphQL API