Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,991
Erlang
29
GitHub Actions
16
Go
1,779
Maven
5,000+
npm
3,544
NuGet
619
pip
3,134
Pub
10
RubyGems
838
Rust
793
Swift
34
Unreviewed advisories
All unreviewed
5,000+

2,063 advisories

Loading
Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability High Unreviewed
CVE-2021-28455 was published May 24, 2022
A remote unauthorized access vulnerability was discovered in Aruba AirWave Management Platform... High Unreviewed
CVE-2021-25166 was published May 24, 2022
Skype for Business and Lync Remote Code Execution Vulnerability High Unreviewed
CVE-2021-26422 was published May 24, 2022
A remote authenticated arbitrary command execution vulnerability was discovered in Aruba AirWave... Moderate Unreviewed
CVE-2021-26970 was published May 24, 2022
vSphere Replication 8.3.x prior to 8.3.1.2, 8.2.x prior to 8.2.1.1, 8.1.x prior to 8.1.2.3 and 6... High Unreviewed
CVE-2021-21976 was published May 24, 2022
A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy... High Unreviewed
CVE-2021-26683 was published May 24, 2022
A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy... High Unreviewed
CVE-2021-26680 was published May 24, 2022
A remote authenticated command Injection vulnerability was discovered in Aruba ClearPass Policy... High Unreviewed
CVE-2021-26681 was published May 24, 2022
D-Link DSL-2750B devices before 1.05 allow remote unauthenticated command injection via the login... Critical Unreviewed
CVE-2016-20017 was published Oct 19, 2022
Improper Neutralization of Special Elements used in a Command in FitNesse Wiki High
CVE-2014-1216 was published for org.fitnesse:fitnesse (Maven) May 17, 2022
A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy... High Unreviewed
CVE-2021-26684 was published May 24, 2022
SolarWinds Platform was susceptible to Command Injection. This vulnerability allows a remote... High Unreviewed
CVE-2022-36962 was published Nov 29, 2022
The BeanShell components of IRISNext through 9.8.28 allow execution of arbitrary commands on the... High Unreviewed
CVE-2022-26111 was published Apr 26, 2022
Improper Neutralization of Special Elements used in a Command in Apache Cassandra High
CVE-2015-0225 was published for org.apache.cassandra:apache-cassandra (Maven) May 14, 2022
Command injection in czproject/git-php High
CVE-2022-25866 was published for czproject/git-php (Composer) Apr 26, 2022
Command injection and multiple stack-based buffer overflows vulnerabilities in the... Critical Unreviewed
CVE-2021-26729 was published Oct 24, 2022
Multiple command injections and stack-based buffer overflows vulnerabilities in the... Critical Unreviewed
CVE-2021-26727 was published Oct 24, 2022
OS Command Injection in git-pull-or-clone Critical
CVE-2022-24437 was published for git-pull-or-clone (npm) May 3, 2022
lirantal
An exploitable command injection vulnerability exists in the web management interface used by the... High Unreviewed
CVE-2017-2833 was published May 13, 2022
Command injection and multiple stack-based buffer overflows vulnerabilities in the... Critical Unreviewed
CVE-2021-26731 was published Oct 24, 2022
An exploitable command injection vulnerability exists in the web management interface used by the... High Unreviewed
CVE-2017-2832 was published May 13, 2022
Command injection in npm-dependency-versions Critical
CVE-2022-29080 was published for npm-dependency-versions (npm) Apr 13, 2022
p-w
Command injection and stack-based buffer overflow vulnerabilities in the KillDupUsr_func function... Critical Unreviewed
CVE-2021-26728 was published Oct 24, 2022
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection... Critical Unreviewed
CVE-2022-44844 was published Nov 25, 2022
A origin validation error vulnerability in Trend Micro Apex One (on-prem and SaaS) could allow a... High Unreviewed
CVE-2021-45441 was published Jan 11, 2022
ProTip! Advisories are also available from the GraphQL API