Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,176
Erlang
30
GitHub Actions
19
Go
1,982
Maven
5,000+
npm
3,701
NuGet
656
pip
3,323
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

795 advisories

Loading
Zoho ManageEngine Network Configuration Manager before 125488 is vulnerable to command injection... Critical Unreviewed
CVE-2021-43319 was published Dec 1, 2021
An issue was discovered in Digi TransPort DR64, SR44 VC74, and WR. The ZING protocol allows... Critical Unreviewed
CVE-2021-35978 was published Dec 11, 2021
Mesa Labs AmegaView version 3.0 is vulnerable to a command injection, which may allow an attacker... Critical Unreviewed
CVE-2021-27447 was published Dec 22, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Critical Unreviewed
CVE-2021-45630 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Critical Unreviewed
CVE-2021-45627 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Critical Unreviewed
CVE-2021-45625 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Critical Unreviewed
CVE-2021-45624 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Critical Unreviewed
CVE-2021-45623 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Critical Unreviewed
CVE-2021-45620 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Critical Unreviewed
CVE-2021-45622 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Critical Unreviewed
CVE-2021-45621 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Critical Unreviewed
CVE-2021-45619 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Critical Unreviewed
CVE-2021-45617 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Critical Unreviewed
CVE-2021-45616 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Critical Unreviewed
CVE-2021-45618 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Critical Unreviewed
CVE-2021-45614 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Critical Unreviewed
CVE-2021-45613 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Critical Unreviewed
CVE-2021-45612 was published Dec 27, 2021
NETGEAR XR1000 devices before 1.0.0.58 are affected by command injection by an unauthenticated... Critical Unreviewed
CVE-2021-45513 was published Dec 27, 2021
The downloadFlile.cgi binary file in TOTOLINK EX200 V4.0.3c.7646_B20201211 has a command... Critical Unreviewed
CVE-2021-43711 was published Jan 5, 2022
jpress v4.2.0 is vulnerable to command execution via io.jpress.web.admin._AddonController:... Critical Unreviewed
CVE-2021-45807 was published Jan 14, 2022
China Mobile An Lianbao WF-1 v1.0.1 router web interface through /api/ZRMacClone/mac_addr_clone... Critical Unreviewed
CVE-2021-33963 was published Jan 16, 2022
Embedded web server command injection vulnerability in Lexmark devices through 2021-12-07. Critical Unreviewed
CVE-2021-44735 was published Jan 21, 2022
lib/Image/ExifTool.pm in ExifTool before 12.38 mishandles a $file =~ /\|$/ check. Critical Unreviewed
CVE-2022-23935 was published Jan 26, 2022
The firmware on Moxa TN-5900 devices through 3.1 allows command injection that could lead to... Critical Unreviewed
CVE-2021-46560 was published Jan 27, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database