Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,988
Erlang
29
GitHub Actions
16
Go
1,776
Maven
5,000+
npm
3,542
NuGet
617
pip
3,125
Pub
10
RubyGems
838
Rust
790
Swift
34
Unreviewed advisories
All unreviewed
5,000+

223 advisories

Loading
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy... Moderate Unreviewed
CVE-2021-34615 was published May 24, 2022
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy... Moderate Unreviewed
CVE-2021-34613 was published May 24, 2022
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy... Moderate Unreviewed
CVE-2021-34616 was published May 24, 2022
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy... Moderate Unreviewed
CVE-2021-34612 was published May 24, 2022
The submission service in Dovecot before 2.3.15 allows STARTTLS command injection in lib-smtp.... Moderate Unreviewed
CVE-2021-33515 was published May 24, 2022
A remote code execution vulnerability was identified in GitHub Enterprise Server that could be... Moderate Unreviewed
CVE-2021-22864 was published May 24, 2022
A remote authenticated arbitrary command execution vulnerability was discovered in Aruba AirWave... Moderate Unreviewed
CVE-2021-26970 was published May 24, 2022
In mobile_log_d, there is a possible command injection due to improper input validation. This... Moderate Unreviewed
CVE-2021-0364 was published May 24, 2022
In netdiag, there is a possible command injection due to improper input validation. This could... Moderate Unreviewed
CVE-2021-0358 was published May 24, 2022
In mobile_log_d, there is a possible command injection due to a missing bounds check. This could... Moderate Unreviewed
CVE-2021-0363 was published May 24, 2022
In netdiag, there is a possible command injection due to improper input validation. This could... Moderate Unreviewed
CVE-2021-0356 was published May 24, 2022
Rostelecom CS-C2SHW 5.0.082.1 is affected by: Bash command injection. The camera reads... Moderate Unreviewed
CVE-2020-27542 was published May 24, 2022
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... Moderate Unreviewed
CVE-2020-35793 was published May 24, 2022
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... Moderate Unreviewed
CVE-2020-35790 was published May 24, 2022
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... Moderate Unreviewed
CVE-2020-35794 was published May 24, 2022
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... Moderate Unreviewed
CVE-2020-35791 was published May 24, 2022
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... Moderate Unreviewed
CVE-2020-35792 was published May 24, 2022
Some Huawei products have a command injection vulnerability. Due to insufficient input validation... Moderate Unreviewed
CVE-2020-9127 was published May 24, 2022
Several potential command injections vulnerabilities exist in the AT command interface of ALEOS... Moderate Unreviewed
CVE-2019-11853 was published May 24, 2022
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability... Moderate Unreviewed
CVE-2019-17101 was published May 24, 2022
iCatch DVR do not validate function parameter properly, resulting attackers executing arbitrary... Moderate Unreviewed
CVE-2020-10514 was published May 24, 2022
The 'Copy as cURL' feature of Devtools' network tab did not properly escape the HTTP method of a... Moderate Unreviewed
CVE-2020-6811 was published May 24, 2022
In GraphicsMagick before 1.3.32, the text filename component allows remote attackers to read... Moderate Unreviewed
CVE-2019-12921 was published May 24, 2022
cPanel before 64.0.21 allows demo accounts to execute Cpanel::SPFUI API commands (SEC-246). Moderate Unreviewed
CVE-2017-18442 was published May 24, 2022
cPanel before 11.54.0.4 allows certain file-chmod operations in scripts/secureit (SEC-82). Moderate Unreviewed
CVE-2016-10849 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API