GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,991
Erlang
29
GitHub Actions
16
Go
1,779
Maven
5,000+
npm
3,544
NuGet
619
pip
3,134
Pub
10
RubyGems
838
Rust
793
Swift
34
Unreviewed advisories
All unreviewed
5,000+
2,063 advisories
Filter by severity
IBM AIX 7.0, 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a...
High
Unreviewed
CVE-2021-38991
was published
Jan 12, 2022
A Remote Command Execution (RCE) vulnerability exists in HNAP1/control...
Critical
Unreviewed
CVE-2021-46314
was published
Feb 18, 2022
Stormshield Network Security (SNS) before 4.2.2 allows a read-only administrator to gain...
High
Unreviewed
CVE-2021-28962
was published
Feb 1, 2022
jpress v4.2.0 admin panel provides a function through which attackers can modify the template and...
High
Unreviewed
CVE-2021-45806
was published
Jan 14, 2022
An issue was discovered in ThoughtWorks GoCD before 21.3.0. An attacker with privileges to create...
High
Unreviewed
CVE-2021-43286
was published
Apr 15, 2022
Trendnet AC2600 TEW-827DRU version 2.08B01 contains a command injection vulnerability in the smb...
High
Unreviewed
CVE-2021-20160
was published
Dec 31, 2021
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a command injection vulnerability via...
Critical
Unreviewed
CVE-2022-37070
was published
Aug 26, 2022
An authenticated user may be able to misuse parameters to inject arbitrary operating system...
High
Unreviewed
CVE-2022-0999
was published
Apr 12, 2022
A improper neutralization of special elements used in a command ('command injection') in Fortinet...
High
Unreviewed
CVE-2021-41016
was published
Feb 8, 2022
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection...
Critical
Unreviewed
CVE-2021-45986
was published
Feb 9, 2022
Netgear Nighthawk R6700 version 1.0.4.120 contains a command injection vulnerability in update...
High
Unreviewed
CVE-2021-20173
was published
Dec 31, 2021
Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote attackers to execute arbitrary...
High
Unreviewed
CVE-2021-45979
was published
Jan 5, 2022
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects...
High
Unreviewed
CVE-2021-45602
was published
Dec 27, 2021
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection...
Critical
Unreviewed
CVE-2021-45987
was published
Feb 9, 2022
Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote attackers to execute arbitrary...
High
Unreviewed
CVE-2021-45978
was published
Jan 5, 2022
Trendnet AC2600 TEW-827DRU version 2.08B01 is vulnerable to command injection. The system log...
High
Unreviewed
CVE-2021-20159
was published
Dec 31, 2021
InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain...
Critical
Unreviewed
CVE-2022-27272
was published
Apr 11, 2022
InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain...
Critical
Unreviewed
CVE-2022-27275
was published
Apr 11, 2022
An Access Control vulnerability exists in D-Link DIR-823G REVA1 1.02B05 (Lastest) via any...
Critical
Unreviewed
CVE-2021-43474
was published
Apr 9, 2022
InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain...
Critical
Unreviewed
CVE-2022-27276
was published
Apr 11, 2022
InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain...
Critical
Unreviewed
CVE-2022-27271
was published
Apr 11, 2022
InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain...
Critical
Unreviewed
CVE-2022-27273
was published
Apr 11, 2022
A vulnerability in the CLI of Cisco StarOS could allow an authenticated, local attacker to...
High
Unreviewed
CVE-2022-20665
was published
Apr 7, 2022
InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain...
Critical
Unreviewed
CVE-2022-27270
was published
Apr 11, 2022
InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain...
Critical
Unreviewed
CVE-2022-27274
was published
Apr 11, 2022
ProTip!
Advisories are also available from the
GraphQL API