Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,992
Erlang
29
GitHub Actions
16
Go
1,782
Maven
5,000+
npm
3,544
NuGet
619
pip
3,134
Pub
10
RubyGems
838
Rust
795
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,758 advisories

Loading
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a command injection vulnerability via... Critical Unreviewed
CVE-2022-37070 was published Aug 26, 2022
Trendnet AC2600 TEW-827DRU version 2.08B01 contains a command injection vulnerability in the smb... High Unreviewed
CVE-2021-20160 was published Dec 31, 2021
An issue was discovered in ThoughtWorks GoCD before 21.3.0. An attacker with privileges to create... High Unreviewed
CVE-2021-43286 was published Apr 15, 2022
Stormshield Network Security (SNS) before 4.2.2 allows a read-only administrator to gain... High Unreviewed
CVE-2021-28962 was published Feb 1, 2022
jpress v4.2.0 admin panel provides a function through which attackers can modify the template and... High Unreviewed
CVE-2021-45806 was published Jan 14, 2022
A Remote Command Execution (RCE) vulnerability exists in HNAP1/control... Critical Unreviewed
CVE-2021-46314 was published Feb 18, 2022
IBM AIX 7.0, 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a... High Unreviewed
CVE-2021-38991 was published Jan 12, 2022
A origin validation error vulnerability in Trend Micro Apex One (on-prem and SaaS) could allow a... High Unreviewed
CVE-2021-45441 was published Jan 11, 2022
Command injection and stack-based buffer overflow vulnerabilities in the KillDupUsr_func function... Critical Unreviewed
CVE-2021-26728 was published Oct 24, 2022
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection... Critical Unreviewed
CVE-2022-44844 was published Nov 25, 2022
An exploitable command injection vulnerability exists in the web management interface used by the... High Unreviewed
CVE-2017-2832 was published May 13, 2022
Command injection and multiple stack-based buffer overflows vulnerabilities in the... Critical Unreviewed
CVE-2021-26731 was published Oct 24, 2022
An exploitable command injection vulnerability exists in the web management interface used by the... High Unreviewed
CVE-2017-2833 was published May 13, 2022
Multiple command injections and stack-based buffer overflows vulnerabilities in the... Critical Unreviewed
CVE-2021-26727 was published Oct 24, 2022
Command injection and multiple stack-based buffer overflows vulnerabilities in the... Critical Unreviewed
CVE-2021-26729 was published Oct 24, 2022
The BeanShell components of IRISNext through 9.8.28 allow execution of arbitrary commands on the... High Unreviewed
CVE-2022-26111 was published Apr 26, 2022
SolarWinds Platform was susceptible to Command Injection. This vulnerability allows a remote... High Unreviewed
CVE-2022-36962 was published Nov 29, 2022
A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy... High Unreviewed
CVE-2021-26684 was published May 24, 2022
D-Link DSL-2750B devices before 1.05 allow remote unauthenticated command injection via the login... Critical Unreviewed
CVE-2016-20017 was published Oct 19, 2022
vSphere Replication 8.3.x prior to 8.3.1.2, 8.2.x prior to 8.2.1.1, 8.1.x prior to 8.1.2.3 and 6... High Unreviewed
CVE-2021-21976 was published May 24, 2022
A remote authenticated command Injection vulnerability was discovered in Aruba ClearPass Policy... High Unreviewed
CVE-2021-26681 was published May 24, 2022
A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy... High Unreviewed
CVE-2021-26683 was published May 24, 2022
A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy... High Unreviewed
CVE-2021-26680 was published May 24, 2022
A remote authenticated arbitrary command execution vulnerability was discovered in Aruba AirWave... Moderate Unreviewed
CVE-2021-26970 was published May 24, 2022
Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability High Unreviewed
CVE-2021-28455 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API