GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,968
Erlang: 29
GitHub Actions: 16
Go: 1,749
Maven: 4,978
npm: 3,509
NuGet: 609
pip: 3,084
Pub: 10
RubyGems: 832
Rust: 782
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
791 advisories
An issue was discovered on Libre Wireless LS9 LS1.5/p7040 devices. There is a luci_service Read_...
High | Unreviewed | CVE-2020-35755 was published May 24, 2022
A command injection on the /admin/broadcast.php script of Invigo Automatic Device Management (ADM...
High | Unreviewed | CVE-2020-10580 was published May 24, 2022
A command Injection Vulnerability in McAfee Agent (MA) for Windows prior to 5.7.5 allows local...
High | Unreviewed | CVE-2021-31854 was published Jan 20, 2022
** DISPUTED ** MikroTik RouterOS 6.47.9 allows remote authenticated ftp users to create or...
High | Unreviewed | CVE-2021-27221 was published May 24, 2022
prog.cgi on D-Link DIR-3060 devices before 1.11b04 HF2 allows remote authenticated users to...
High | Unreviewed | CVE-2021-28144 was published May 24, 2022
Skype for Business and Lync Remote Code Execution Vulnerability
High | Unreviewed | CVE-2021-26422 was published May 24, 2022
Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability
High | Unreviewed | CVE-2021-28455 was published May 24, 2022
A remote unauthorized access vulnerability was discovered in Aruba AirWave Management Platform...
High | Unreviewed | CVE-2021-25166 was published May 24, 2022
A remote authenticated command Injection vulnerability was discovered in Aruba ClearPass Policy...
High | Unreviewed | CVE-2021-26681 was published May 24, 2022
A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy...
High | Unreviewed | CVE-2021-26680 was published May 24, 2022
A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy...
High | Unreviewed | CVE-2021-26683 was published May 24, 2022
vSphere Replication 8.3.x prior to 8.3.1.2, 8.2.x prior to 8.2.1.1, 8.1.x prior to 8.1.2.3 and 6...
High | Unreviewed | CVE-2021-21976 was published May 24, 2022
A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy...
High | Unreviewed | CVE-2021-26684 was published May 24, 2022
SolarWinds Platform was susceptible to Command Injection. This vulnerability allows a remote...
High | Unreviewed | CVE-2022-36962 was published Nov 29, 2022
The BeanShell components of IRISNext through 9.8.28 allow execution of arbitrary commands on the...
High | Unreviewed | CVE-2022-26111 was published Apr 26, 2022
An exploitable command injection vulnerability exists in the web management interface used by the...
High | Unreviewed | CVE-2017-2833 was published May 13, 2022
An exploitable command injection vulnerability exists in the web management interface used by the...
High | Unreviewed | CVE-2017-2832 was published May 13, 2022
An origin validation error vulnerability in Trend Micro Apex One (on-prem and SaaS) could allow a...
High | Unreviewed | CVE-2021-45441 was published Jan 11, 2022
IBM AIX 7.0, 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a...
High | Unreviewed | CVE-2021-38991 was published Jan 12, 2022
Stormshield Network Security (SNS) before 4.2.2 allows a read-only administrator to gain...
High | Unreviewed | CVE-2021-28962 was published Feb 1, 2022
jpress v4.2.0 admin panel provides a function through which attackers can modify the template and...
High | Unreviewed | CVE-2021-45806 was published Jan 14, 2022
An issue was discovered in ThoughtWorks GoCD before 21.3.0. An attacker with privileges to create...
High | Unreviewed | CVE-2021-43286 was published Apr 15, 2022
Trendnet AC2600 TEW-827DRU version 2.08B01 contains a command injection vulnerability in the smb...
High | Unreviewed | CVE-2021-20160 was published Dec 31, 2021
An authenticated user may be able to misuse parameters to inject arbitrary operating system...
High | Unreviewed | CVE-2022-0999 was published Apr 12, 2022
An improper neutralization of special elements used in a command ('command injection') in Fortinet...
High | Unreviewed | CVE-2021-41016 was published Feb 8, 2022
ProTip! Advisories are also available from the GraphQL API.