GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,992
Erlang
29
GitHub Actions
16
Go
1,782
Maven
5,000+
npm
3,544
NuGet
619
pip
3,134
Pub
10
RubyGems
838
Rust
795
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,758 advisories
Filter by severity
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a command injection vulnerability via...
Critical
Unreviewed
CVE-2022-37070
was published
Aug 26, 2022
Trendnet AC2600 TEW-827DRU version 2.08B01 contains a command injection vulnerability in the smb...
High
Unreviewed
CVE-2021-20160
was published
Dec 31, 2021
An issue was discovered in ThoughtWorks GoCD before 21.3.0. An attacker with privileges to create...
High
Unreviewed
CVE-2021-43286
was published
Apr 15, 2022
Stormshield Network Security (SNS) before 4.2.2 allows a read-only administrator to gain...
High
Unreviewed
CVE-2021-28962
was published
Feb 1, 2022
jpress v4.2.0 admin panel provides a function through which attackers can modify the template and...
High
Unreviewed
CVE-2021-45806
was published
Jan 14, 2022
A Remote Command Execution (RCE) vulnerability exists in HNAP1/control...
Critical
Unreviewed
CVE-2021-46314
was published
Feb 18, 2022
IBM AIX 7.0, 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a...
High
Unreviewed
CVE-2021-38991
was published
Jan 12, 2022
A origin validation error vulnerability in Trend Micro Apex One (on-prem and SaaS) could allow a...
High
Unreviewed
CVE-2021-45441
was published
Jan 11, 2022
Command injection and stack-based buffer overflow vulnerabilities in the KillDupUsr_func function...
Critical
Unreviewed
CVE-2021-26728
was published
Oct 24, 2022
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection...
Critical
Unreviewed
CVE-2022-44844
was published
Nov 25, 2022
An exploitable command injection vulnerability exists in the web management interface used by the...
High
Unreviewed
CVE-2017-2832
was published
May 13, 2022
Command injection and multiple stack-based buffer overflows vulnerabilities in the...
Critical
Unreviewed
CVE-2021-26731
was published
Oct 24, 2022
An exploitable command injection vulnerability exists in the web management interface used by the...
High
Unreviewed
CVE-2017-2833
was published
May 13, 2022
Multiple command injections and stack-based buffer overflows vulnerabilities in the...
Critical
Unreviewed
CVE-2021-26727
was published
Oct 24, 2022
Command injection and multiple stack-based buffer overflows vulnerabilities in the...
Critical
Unreviewed
CVE-2021-26729
was published
Oct 24, 2022
The BeanShell components of IRISNext through 9.8.28 allow execution of arbitrary commands on the...
High
Unreviewed
CVE-2022-26111
was published
Apr 26, 2022
SolarWinds Platform was susceptible to Command Injection. This vulnerability allows a remote...
High
Unreviewed
CVE-2022-36962
was published
Nov 29, 2022
A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy...
High
Unreviewed
CVE-2021-26684
was published
May 24, 2022
D-Link DSL-2750B devices before 1.05 allow remote unauthenticated command injection via the login...
Critical
Unreviewed
CVE-2016-20017
was published
Oct 19, 2022
vSphere Replication 8.3.x prior to 8.3.1.2, 8.2.x prior to 8.2.1.1, 8.1.x prior to 8.1.2.3 and 6...
High
Unreviewed
CVE-2021-21976
was published
May 24, 2022
A remote authenticated command Injection vulnerability was discovered in Aruba ClearPass Policy...
High
Unreviewed
CVE-2021-26681
was published
May 24, 2022
A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy...
High
Unreviewed
CVE-2021-26683
was published
May 24, 2022
A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy...
High
Unreviewed
CVE-2021-26680
was published
May 24, 2022
A remote authenticated arbitrary command execution vulnerability was discovered in Aruba AirWave...
Moderate
Unreviewed
CVE-2021-26970
was published
May 24, 2022
Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability
High
Unreviewed
CVE-2021-28455
was published
May 24, 2022
ProTip!
Advisories are also available from the
GraphQL API