GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,077
Erlang: 29
GitHub Actions: 19
Go: 1,903
Maven: 5,000+
npm: 3,632
NuGet: 638
pip: 3,249
Pub: 10
RubyGems: 864
Rust: 818
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
876 advisories
Okta Advanced Server Access Client for Linux and macOS prior to version 1.58.0 was found to be...
High | Unreviewed | CVE-2022-1030 was published Mar 24, 2022
Specially crafted string in OTRS system configuration can allow the execution of any system command.
High | Unreviewed | CVE-2021-36100 was published Mar 22, 2022
The snaptPowered2 component of Snapt Aria v12.8 was discovered to contain a command injection...
High | Unreviewed | CVE-2022-24237 was published Mar 22, 2022
In ims service, there is a possible AT command injection due to a missing permission check. This...
High | Unreviewed | CVE-2022-20054 was published Mar 11, 2022
An authenticated remote code execution vulnerability was discovered in the AOS-CX Network...
High | Unreviewed | CVE-2021-41001 was published Mar 3, 2022
Multiple authenticated remote code execution vulnerabilities were discovered in the AOS-CX...
High | Unreviewed | CVE-2021-41000 was published Mar 3, 2022
The laser command injection vulnerability exists on AIS-BW80H-00 versions earlier than AIS-BW80H...
High | Unreviewed | CVE-2021-40043 was published Feb 26, 2022
A command injection vulnerability in the function formImportOMCIShell of C-DATA ONU4FERW V2.1...
High | Unreviewed | CVE-2021-44132 was published Feb 26, 2022
IBM Planning Analytics 2.0 is vulnerable to a Remote File Include (RFI) attack. User input could...
High | Unreviewed | CVE-2022-22308 was published Feb 22, 2022
Okta Advanced Server Access Client for Windows prior to version 1.57.0 was found to be vulnerable...
High | Unreviewed | CVE-2022-24295 was published Feb 22, 2022
CommScope URFboard SBG6950AC2 9.1.103AA23 devices allow Command Injection.
High | Unreviewed | CVE-2021-41552 was published Feb 16, 2022
CompleteFTPService.exe in the server in EnterpriseDT CompleteFTP before 12.1.4 allows Remote Code...
High | Unreviewed | CVE-2019-16864 was published Feb 15, 2022
An improper neutralization of special elements used in a command ('command injection') in Fortinet...
High | Unreviewed | CVE-2021-41016 was published Feb 8, 2022
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below do not sanitize user input resulting in...
High | Unreviewed | CVE-2021-42638 was published Feb 3, 2022
Stormshield Network Security (SNS) before 4.2.2 allows a read-only administrator to gain...
High | Unreviewed | CVE-2021-28962 was published Feb 1, 2022
A command Injection Vulnerability in McAfee Agent (MA) for Windows prior to 5.7.5 allows local...
High | Unreviewed | CVE-2021-31854 was published Jan 20, 2022
China Mobile An Lianbao WF-1 V1.0.1 router provides a web interface /api/ZRRuleFilter...
High | Unreviewed | CVE-2021-33964 was published Jan 19, 2022
China Mobile An Lianbao WF-1 V1.0.1 router provides a web interface /api/ZRMesh/set_ZRMesh which...
High | Unreviewed | CVE-2021-33965 was published Jan 19, 2022
jpress v4.2.0 admin panel provides a function through which attackers can modify the template and...
High | Unreviewed | CVE-2021-45806 was published Jan 14, 2022
A malicious user on the same LAN could use DNS spoofing followed by a command injection attack to...
High | Unreviewed | CVE-2022-22991 was published Jan 14, 2022
An issue was discovered in CALDERA 2.8.1. It contains multiple startup "requirements" that...
High | Unreviewed | CVE-2021-42559 was published Jan 13, 2022
IBM AIX 7.0, 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a...
High | Unreviewed | CVE-2021-38991 was published Jan 12, 2022
An origin validation error vulnerability in Trend Micro Apex One (on-prem and SaaS) could allow a...
High | Unreviewed | CVE-2021-45441 was published Jan 11, 2022
Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote attackers to execute arbitrary...
High | Unreviewed | CVE-2021-45979 was published Jan 5, 2022
Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote attackers to execute arbitrary...
High | Unreviewed | CVE-2021-45978 was published Jan 5, 2022
ProTip! Advisories are also available from the GraphQL API.