GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,536
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,985
Maven 5,160
npm 3,701
NuGet 657
pip 3,326
Pub 11
RubyGems 882
Rust 836
Swift 35

Unreviewed advisories

All unreviewed 233,413

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,976 advisories

Filter by severity

Sort by

Least recently updated

The uri-block plugin in Apache APISIX before 2.10.2 uses $request_uri without verification. The ... High Unreviewed

CVE-2021-43557 was published Nov 23, 2021

There is a command injection vulnerability in CMA service module of FusionCompute product when... High Unreviewed

CVE-2021-37102 was published Nov 24, 2021

PoD operations on misaligned GFNs T[his CNA information record relates to multiple CVEs; the text... High Unreviewed

CVE-2021-28708 was published Nov 25, 2021

PoD operations on misaligned GFNs T[his CNA information record relates to multiple CVEs; the text... High Unreviewed

CVE-2021-28704 was published Nov 25, 2021

PoD operations on misaligned GFNs T[his CNA information record relates to multiple CVEs; the text... High Unreviewed

CVE-2021-28707 was published Nov 25, 2021

Zoho ManageEngine Network Configuration Manager before 125488 is vulnerable to command injection... Critical Unreviewed

CVE-2021-43319 was published Dec 1, 2021

Withdrawn: Arbitrary code execution in lodash Low Unreviewed

CVE-2021-41720 was published for lodash (npm) Dec 3, 2021

VINGA WR-N300U 77.102.1.4853 is affected by a command execution vulnerability in the goahead... High Unreviewed

CVE-2021-43469 was published Dec 7, 2021

A command Injection vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with... High Unreviewed

CVE-2021-42132 was published Dec 8, 2021

A command injection vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with... High Unreviewed

CVE-2021-42129 was published Dec 8, 2021

The executable file warning was not presented when downloading .inetloc files, which, due to a... High Unreviewed

CVE-2021-38510 was published Dec 9, 2021

A crafted configuration packet sent by an authenticated administrative user can be used to... High Unreviewed

CVE-2021-23862 was published Dec 9, 2021

By executing a special command, an user with administrative rights can get access to extended... Moderate Unreviewed

CVE-2021-23861 was published Dec 9, 2021

Multiple improper neutralization of special elements used in a command vulnerabilities [CWE-77]... High Unreviewed

CVE-2021-36180 was published Dec 9, 2021

An issue was discovered in Digi TransPort DR64, SR44 VC74, and WR. The ZING protocol allows... Critical Unreviewed

CVE-2021-35978 was published Dec 11, 2021

SICK SOPAS ET before version 4.8.0 allows attackers to manipulate the command line arguments to... High Unreviewed

CVE-2021-32499 was published Dec 18, 2021

Mesa Labs AmegaView Versions 3.0 and prior has a command injection vulnerability that can be... High Unreviewed

CVE-2021-27449 was published Dec 22, 2021

Mesa Labs AmegaView version 3.0 is vulnerable to a command injection, which may allow an attacker... Critical Unreviewed

CVE-2021-27447 was published Dec 22, 2021

A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via... High Unreviewed

CVE-2021-3621 was published Dec 24, 2021

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... High Unreviewed

CVE-2021-45634 was published Dec 27, 2021

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... High Unreviewed

CVE-2021-45633 was published Dec 27, 2021

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... High Unreviewed

CVE-2021-45635 was published Dec 27, 2021

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... High Unreviewed

CVE-2021-45631 was published Dec 27, 2021

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... High Unreviewed

CVE-2021-45632 was published Dec 27, 2021

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... High Unreviewed

CVE-2021-45629 was published Dec 27, 2021

Previous 1 2 3 4 5 … 79 80 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,976 advisories