Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,988
Erlang
29
GitHub Actions
16
Go
1,778
Maven
5,000+
npm
3,542
NuGet
619
pip
3,127
Pub
10
RubyGems
838
Rust
791
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

738 advisories

Loading
D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a command injection... Critical Unreviewed
CVE-2021-46226 was published Feb 9, 2022
D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a command injection... Critical Unreviewed
CVE-2021-46228 was published Feb 9, 2022
D-Link device DI-7200GV2.E1 v21.04.09E1 was discovered to contain a command injection... Critical Unreviewed
CVE-2021-46227 was published Feb 9, 2022
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection... Critical Unreviewed
CVE-2021-45990 was published Feb 9, 2022
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection... Critical Unreviewed
CVE-2021-45986 was published Feb 9, 2022
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection... Critical Unreviewed
CVE-2021-45987 was published Feb 9, 2022
StarWind SAN and NAS before 0.2 build 1685 allows remote code execution via a virtual disk... Critical Unreviewed
CVE-2022-24552 was published Feb 12, 2022
Command Injection in theme-core Critical Unreviewed
CVE-2020-28432 was published Feb 15, 2022
A Remote Command Execution (RCE) vulnerability exists in HNAP1/control... Critical Unreviewed
CVE-2021-46314 was published Feb 18, 2022
A Remote Command Execution (RCE) vulnerability exists in all series H/W revisions D-link DIR-810L... Critical Unreviewed
CVE-2021-45382 was published Feb 18, 2022
A Command injection vulnerability exists in Tenda AC10U AC1200 Smart Dual-band Wireless Router... Critical Unreviewed
CVE-2021-45401 was published Feb 19, 2022
A command injection vulnerability in the function meshSlaveUpdate of TOTOLINK Technology routers... Critical Unreviewed
CVE-2022-25136 was published Feb 20, 2022
A command injection vulnerability in the function recvSlaveUpgstatus of TOTOLINK Technology... Critical Unreviewed
CVE-2022-25137 was published Feb 20, 2022
A command injection vulnerability in the function setUpgradeFW of TOTOLINK Technology router T6... Critical Unreviewed
CVE-2022-25134 was published Feb 20, 2022
A command injection vulnerability in the function isAssocPriDevice of TOTOLINK Technology router... Critical Unreviewed
CVE-2022-25133 was published Feb 20, 2022
A command injection vulnerability in the function recv_mesh_info_sync of TOTOLINK Technology... Critical Unreviewed
CVE-2022-25135 was published Feb 20, 2022
A command injection vulnerability in the function meshSlaveDlfw of TOTOLINK Technology router T6... Critical Unreviewed
CVE-2022-25132 was published Feb 20, 2022
A command injection vulnerability in the function recvSlaveCloudCheckStatus of TOTOLINK... Critical Unreviewed
CVE-2022-25131 was published Feb 20, 2022
A command injection vulnerability in the function updateWifiInfo of TOTOLINK Technology routers... Critical Unreviewed
CVE-2022-25130 was published Feb 20, 2022
Honeywell HDZP252DI 1.00.HW02.4 and HBW2PER1 1.000.HW01.3 devices allow a video replay attack... Critical Unreviewed
CVE-2021-39363 was published Feb 25, 2022
Improper Neutralization of audio output from 3rd and 4th Generation Amazon Echo Dot devices... Critical Unreviewed
CVE-2022-25809 was published Feb 25, 2022
TOTOLink A3600R V4.1.2cu.5182_B20201102 was discovered to contain a command injection... Critical Unreviewed
CVE-2022-25078 was published Feb 25, 2022
TOTOLink T6 V5.9c.4085_B20190428 was discovered to contain a command injection vulnerability in... Critical Unreviewed
CVE-2022-25084 was published Feb 25, 2022
TOTOLink A830R V5.9c.4729_B20191112 was discovered to contain a command injection vulnerability... Critical Unreviewed
CVE-2022-25080 was published Feb 25, 2022
TOTOLink A3000RU V5.9c.2280_B20180512 was discovered to contain a command injection vulnerability... Critical Unreviewed
CVE-2022-25075 was published Feb 25, 2022
ProTip! Advisories are also available from the GraphQL API