GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,991
Erlang: 29
GitHub Actions: 16
Go: 1,779
Maven: 5,000+
npm: 3,544
NuGet: 619
pip: 3,134
Pub: 10
RubyGems: 838
Rust: 793
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
815 advisories
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W,...
High | Unreviewed | CVE-2021-1147 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W,...
High | Unreviewed | CVE-2021-1146 was published May 24, 2022
A remote execution of arbitrary commands vulnerability was discovered in Aruba CX 6200F Switch...
High | Unreviewed | CVE-2021-29143 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016,...
High | Unreviewed | CVE-2021-1315 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016,...
High | Unreviewed | CVE-2021-1314 was published May 24, 2022
Client side code execution in gitlab-vscode-extension v3.15.0 and earlier allows attacker to...
High | Unreviewed | CVE-2021-22195 was published May 24, 2022
The Telus Wi-Fi Hub (PRV65B444A-S-TS) with firmware version 3.00.20 is affected by an...
High | Unreviewed | CVE-2021-20122 was published May 24, 2022
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy...
High | Unreviewed | CVE-2021-34610 was published May 24, 2022
IBM AIX 7.1, 7.2, 7.3, and VIOS 3.1 could allow a non-privileged local user to exploit a...
High | Unreviewed | CVE-2022-36768 was published Sep 14, 2022
/jsonrpc on D-Link DIR-841 3.03 and 3.04 devices allows authenticated command injection via ping,...
High | Unreviewed | CVE-2021-28143 was published May 24, 2022
A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy...
High | Unreviewed | CVE-2021-26679 was published May 24, 2022
A remote authenticated arbitrary command execution vulnerability was discovered in Aruba AirWave...
High | Unreviewed | CVE-2021-26962 was published May 24, 2022
On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.3, 14.1.x before 14.1.4, and 13.1.x...
High | Unreviewed | CVE-2021-23012 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016,...
High | Unreviewed | CVE-2021-1316 was published May 24, 2022
KLog Server through 2.4.1 allows authenticated command injection. async.php calls shell_exec() on...
High | Unreviewed | CVE-2021-3317 was published May 24, 2022
An issue was discovered in Nagios XI 5.8.5. In the Manage Dashlets section of the Admin panel, an...
High | Unreviewed | CVE-2021-40345 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016,...
High | Unreviewed | CVE-2021-1317 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W,...
High | Unreviewed | CVE-2021-1149 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W,...
High | Unreviewed | CVE-2021-1148 was published May 24, 2022
AVE DOMINAplus <=1.10.x suffers from an unauthenticated reboot command execution. Attackers can...
High | Unreviewed | CVE-2020-21996 was published May 24, 2022
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy...
High | Unreviewed | CVE-2021-34611 was published May 24, 2022
Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to a denial of...
High | Unreviewed | CVE-2021-29703 was published May 24, 2022
Grandstream GRP261x VoIP phone running firmware version 1.0.3.6 (Base) allows Command Injection...
High | Unreviewed | CVE-2020-25217 was published May 24, 2022
Visual Studio Code Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31211.
High | Unreviewed | CVE-2021-31214 was published May 24, 2022
An issue was discovered on Libre Wireless LS9 LS1.5/p7040 devices. There is a luci_service Read_...
High | Unreviewed | CVE-2020-35755 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.