GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,746 advisories
Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability
High | Unreviewed | CVE-2021-28455 was published May 24, 2022

A remote unauthorized access vulnerability was discovered in Aruba AirWave Management Platform...
High | Unreviewed | CVE-2021-25166 was published May 24, 2022

Skype for Business and Lync Remote Code Execution Vulnerability
High | Unreviewed | CVE-2021-26422 was published May 24, 2022

prog.cgi on D-Link DIR-3060 devices before 1.11b04 HF2 allows remote authenticated users to...
High | Unreviewed | CVE-2021-28144 was published May 24, 2022

In Pluck-4.7.10-dev2 admin background, a remote command execution vulnerability exists when...
Critical | Unreviewed | CVE-2020-20951 was published May 24, 2022

** DISPUTED ** MikroTik RouterOS 6.47.9 allows remote authenticated ftp users to create or...
High | Unreviewed | CVE-2021-27221 was published May 24, 2022

A command injection security vulnerability has been identified in HPE Nimble Storage Hybrid Flash...
Critical | Unreviewed | CVE-2022-28618 was published May 21, 2022

A command Injection Vulnerability in McAfee Agent (MA) for Windows prior to 5.7.5 allows local...
High | Unreviewed | CVE-2021-31854 was published Jan 20, 2022

A command injection on the /admin/broadcast.php script of Invigo Automatic Device Management (ADM...
High | Unreviewed | CVE-2020-10580 was published May 24, 2022

An issue was discovered on Libre Wireless LS9 LS1.5/p7040 devices. There is a luci_service Read_...
High | Unreviewed | CVE-2020-35755 was published May 24, 2022

Visual Studio Code Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31211.
High | Unreviewed | CVE-2021-31214 was published May 24, 2022

In the pg_partman (aka PG Partition Manager) extension before 4.5.1 for PostgreSQL, arbitrary...
Critical | Unreviewed | CVE-2021-33204 was published May 24, 2022

Grandstream GRP261x VoIP phone running firmware version 1.0.3.6 (Base) allows Command Injection...
High | Unreviewed | CVE-2020-25217 was published May 24, 2022

Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to a denial of...
High | Unreviewed | CVE-2021-29703 was published May 24, 2022

Multiple vulnerabilities in the web UI of Cisco Smart Software Manager Satellite could allow an...
Critical | Unreviewed | CVE-2021-1142 was published May 24, 2022

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016,...
High | Unreviewed | CVE-2021-1317 was published May 24, 2022

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W,...
High | Unreviewed | CVE-2021-1148 was published May 24, 2022

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W,...
High | Unreviewed | CVE-2021-1149 was published May 24, 2022

AVE DOMINAplus <=1.10.x suffers from an unauthenticated reboot command execution. Attackers can...
High | Unreviewed | CVE-2020-21996 was published May 24, 2022

A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy...
Moderate | Unreviewed | CVE-2021-34615 was published May 24, 2022

A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy...
High | Unreviewed | CVE-2021-34611 was published May 24, 2022

KLog Server through 2.4.1 allows authenticated command injection. async.php calls shell_exec() on...
High | Unreviewed | CVE-2021-3317 was published May 24, 2022

Bitcoin Core before 0.19.0 might allow remote attackers to execute arbitrary code when another...
Critical | Unreviewed | CVE-2021-3401 was published May 24, 2022

Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016,...
High | Unreviewed | CVE-2021-1316 was published May 24, 2022

On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.3, 14.1.x before 14.1.4, and 13.1.x...
High | Unreviewed | CVE-2021-23012 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API.