Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

876 advisories

Loading
Okta Advanced Server Access Client for Linux and macOS prior to version 1.58.0 was found to be... High Unreviewed
CVE-2022-1030 was published Mar 24, 2022
Specially crafted string in OTRS system configuration can allow the execution of any system command. High Unreviewed
CVE-2021-36100 was published Mar 22, 2022
The snaptPowered2 component of Snapt Aria v12.8 was discovered to contain a command injection... High Unreviewed
CVE-2022-24237 was published Mar 22, 2022
In ims service, there is a possible AT command injection due to a missing permission check. This... High Unreviewed
CVE-2022-20054 was published Mar 11, 2022
An authenticated remote code execution vulnerability was discovered in the AOS-CX Network... High Unreviewed
CVE-2021-41001 was published Mar 3, 2022
Multiple authenticated remote code execution vulnerabilities were discovered in the AOS-CX... High Unreviewed
CVE-2021-41000 was published Mar 3, 2022
The laser command injection vulnerability exists on AIS-BW80H-00 versions earlier than AIS-BW80H... High Unreviewed
CVE-2021-40043 was published Feb 26, 2022
A command injection vulnerability in the function formImportOMCIShell of C-DATA ONU4FERW V2.1... High Unreviewed
CVE-2021-44132 was published Feb 26, 2022
IBM Planning Analytics 2.0 is vulnerable to a Remote File Include (RFI) attack. User input could... High Unreviewed
CVE-2022-22308 was published Feb 22, 2022
Okta Advanced Server Access Client for Windows prior to version 1.57.0 was found to be vulnerable... High Unreviewed
CVE-2022-24295 was published Feb 22, 2022
CommScope URFboard SBG6950AC2 9.1.103AA23 devices allow Command Injection. High Unreviewed
CVE-2021-41552 was published Feb 16, 2022
CompleteFTPService.exe in the server in EnterpriseDT CompleteFTP before 12.1.4 allows Remote Code... High Unreviewed
CVE-2019-16864 was published Feb 15, 2022
A improper neutralization of special elements used in a command ('command injection') in Fortinet... High Unreviewed
CVE-2021-41016 was published Feb 8, 2022
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below do not sanitize user input resulting in... High Unreviewed
CVE-2021-42638 was published Feb 3, 2022
Stormshield Network Security (SNS) before 4.2.2 allows a read-only administrator to gain... High Unreviewed
CVE-2021-28962 was published Feb 1, 2022
A command Injection Vulnerability in McAfee Agent (MA) for Windows prior to 5.7.5 allows local... High Unreviewed
CVE-2021-31854 was published Jan 20, 2022
China Mobile An Lianbao WF-1 V1.0.1 router provides a web interface /api/ZRRuleFilter... High Unreviewed
CVE-2021-33964 was published Jan 19, 2022
China Mobile An Lianbao WF-1 V1.0.1 router provides a web interface /api/ZRMesh/set_ZRMesh which... High Unreviewed
CVE-2021-33965 was published Jan 19, 2022
jpress v4.2.0 admin panel provides a function through which attackers can modify the template and... High Unreviewed
CVE-2021-45806 was published Jan 14, 2022
A malicious user on the same LAN could use DNS spoofing followed by a command injection attack to... High Unreviewed
CVE-2022-22991 was published Jan 14, 2022
An issue was discovered in CALDERA 2.8.1. It contains multiple startup "requirements" that... High Unreviewed
CVE-2021-42559 was published Jan 13, 2022
IBM AIX 7.0, 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a... High Unreviewed
CVE-2021-38991 was published Jan 12, 2022
A origin validation error vulnerability in Trend Micro Apex One (on-prem and SaaS) could allow a... High Unreviewed
CVE-2021-45441 was published Jan 11, 2022
Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote attackers to execute arbitrary... High Unreviewed
CVE-2021-45979 was published Jan 5, 2022
Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote attackers to execute arbitrary... High Unreviewed
CVE-2021-45978 was published Jan 5, 2022
ProTip! Advisories are also available from the GraphQL API