Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,991
Erlang
29
GitHub Actions
16
Go
1,779
Maven
5,000+
npm
3,544
NuGet
619
pip
3,134
Pub
10
RubyGems
838
Rust
793
Swift
34
Unreviewed advisories
All unreviewed
5,000+

2,063 advisories

Loading
IBM AIX 7.0, 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a... High Unreviewed
CVE-2021-38991 was published Jan 12, 2022
A Remote Command Execution (RCE) vulnerability exists in HNAP1/control... Critical Unreviewed
CVE-2021-46314 was published Feb 18, 2022
Stormshield Network Security (SNS) before 4.2.2 allows a read-only administrator to gain... High Unreviewed
CVE-2021-28962 was published Feb 1, 2022
jpress v4.2.0 admin panel provides a function through which attackers can modify the template and... High Unreviewed
CVE-2021-45806 was published Jan 14, 2022
An issue was discovered in ThoughtWorks GoCD before 21.3.0. An attacker with privileges to create... High Unreviewed
CVE-2021-43286 was published Apr 15, 2022
Trendnet AC2600 TEW-827DRU version 2.08B01 contains a command injection vulnerability in the smb... High Unreviewed
CVE-2021-20160 was published Dec 31, 2021
H3C GR-1200W MiniGRW1A0V100R006 was discovered to contain a command injection vulnerability via... Critical Unreviewed
CVE-2022-37070 was published Aug 26, 2022
An authenticated user may be able to misuse parameters to inject arbitrary operating system... High Unreviewed
CVE-2022-0999 was published Apr 12, 2022
A improper neutralization of special elements used in a command ('command injection') in Fortinet... High Unreviewed
CVE-2021-41016 was published Feb 8, 2022
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection... Critical Unreviewed
CVE-2021-45986 was published Feb 9, 2022
Netgear Nighthawk R6700 version 1.0.4.120 contains a command injection vulnerability in update... High Unreviewed
CVE-2021-20173 was published Dec 31, 2021
Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote attackers to execute arbitrary... High Unreviewed
CVE-2021-45979 was published Jan 5, 2022
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... High Unreviewed
CVE-2021-45602 was published Dec 27, 2021
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection... Critical Unreviewed
CVE-2021-45987 was published Feb 9, 2022
Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote attackers to execute arbitrary... High Unreviewed
CVE-2021-45978 was published Jan 5, 2022
Trendnet AC2600 TEW-827DRU version 2.08B01 is vulnerable to command injection. The system log... High Unreviewed
CVE-2021-20159 was published Dec 31, 2021
InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain... Critical Unreviewed
CVE-2022-27272 was published Apr 11, 2022
InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain... Critical Unreviewed
CVE-2022-27275 was published Apr 11, 2022
An Access Control vulnerability exists in D-Link DIR-823G REVA1 1.02B05 (Lastest) via any... Critical Unreviewed
CVE-2021-43474 was published Apr 9, 2022
InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain... Critical Unreviewed
CVE-2022-27276 was published Apr 11, 2022
InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain... Critical Unreviewed
CVE-2022-27271 was published Apr 11, 2022
InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain... Critical Unreviewed
CVE-2022-27273 was published Apr 11, 2022
A vulnerability in the CLI of Cisco StarOS could allow an authenticated, local attacker to... High Unreviewed
CVE-2022-20665 was published Apr 7, 2022
InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain... Critical Unreviewed
CVE-2022-27270 was published Apr 11, 2022
InHand Networks InRouter 900 Industrial 4G Router before v1.0.0.r11700 was discovered to contain... Critical Unreviewed
CVE-2022-27274 was published Apr 11, 2022
ProTip! Advisories are also available from the GraphQL API