GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
3,303 advisories
IBM FileNet Content Manager 5.5.4, 5.5.6, and 5.5.7 could allow a remote authenticated attacker...
High | Unreviewed | CVE-2021-38965 was published Jan 18, 2022

The files_antivirus component before 1.0.0 for ownCloud allows OS Command Injection via the...
High | Unreviewed | CVE-2021-33827 was published Jan 16, 2022

China Mobile An Lianbao WF-1 router v1.0.1 is affected by an OS command injection vulnerability...
Critical | Unreviewed | CVE-2021-33962 was published Jan 15, 2022

In Lens prior to 5.3.4, custom helm chart configuration creates helm commands from string...
High | Unreviewed | CVE-2021-23154 was published Jan 11, 2022

A vulnerability in the TFTP client of Zyxel GS1900 series firmware, XGS1210 series firmware, and...
High | Unreviewed | CVE-2021-35031 was published Dec 29, 2021

A vulnerability in the 'libsal.so' of the Zyxel GS1900 series firmware version 2.60 could allow...
High | Unreviewed | CVE-2021-35032 was published Dec 29, 2021

TP-Link wifi router TL-WR802N V4(JP), with firmware version prior to 211202, is vulnerable to OS...
High | Unreviewed | CVE-2021-4144 was published Dec 24, 2021

mySCADA myPRO: Versions 8.20.0 and prior has a feature where the API password can be specified,...
Critical | Unreviewed | CVE-2021-22657 was published Dec 24, 2021

mySCADA myPRO: Versions 8.20.0 and prior has a feature where the password can be specified, which...
Critical | Unreviewed | CVE-2021-23198 was published Dec 24, 2021

A server side remote code execution vulnerability was found in Foreman project. A authenticated...
High | Unreviewed | CVE-2021-3584 was published Dec 24, 2021

mySCADA myPRO: Versions 8.20.0 and prior has a feature to send emails, which may allow an...
Critical | Unreviewed | CVE-2021-43981 was published Dec 24, 2021

mySCADA myPRO: Versions 8.20.0 and prior has a feature where the firmware can be updated, which...
Critical | Unreviewed | CVE-2021-43984 was published Dec 24, 2021

mySCADA myPRO: Versions 8.20.0 and prior has a vulnerable debug interface which includes a ping...
Critical | Unreviewed | CVE-2021-44453 was published Dec 24, 2021

A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via...
High | Unreviewed | CVE-2021-3621 was published Dec 24, 2021

An OS command injection vulnerability exists in the Web Manager Diagnostics: Traceroute...
Critical | Unreviewed | CVE-2021-21872 was published Dec 23, 2021

A specially-crafted HTTP request can lead to arbitrary command execution in RSA keypasswd...
Critical | Unreviewed | CVE-2021-21873 was published Dec 23, 2021

A specially-crafted HTTP request can lead to arbitrary command execution in DSA keypasswd...
Critical | Unreviewed | CVE-2021-21874 was published Dec 23, 2021

A specially-crafted HTTP request can lead to arbitrary command execution in EC keypasswd...
Critical | Unreviewed | CVE-2021-21875 was published Dec 23, 2021

Specially-crafted HTTP requests can lead to arbitrary command execution in PUT requests. An...
Critical | Unreviewed | CVE-2021-21876 was published Dec 23, 2021

Specially-crafted HTTP requests can lead to arbitrary command execution in “GET” requests. An...
Critical | Unreviewed | CVE-2021-21877 was published Dec 23, 2021

An OS command injection vulnerability exists in the Web Manager Wireless Network Scanner...
Critical | Unreviewed | CVE-2021-21881 was published Dec 23, 2021

An OS command injection vulnerability exists in the Web Manager FsUnmount functionality of...
High | Unreviewed | CVE-2021-21882 was published Dec 23, 2021

An OS command injection vulnerability exists in the Web Manager Diagnostics: Ping functionality...
Critical | Unreviewed | CVE-2021-21883 was published Dec 23, 2021

An OS command injection vulnerability exists in the Web Manager SslGenerateCSR functionality of...
Critical | Unreviewed | CVE-2021-21884 was published Dec 23, 2021

An OS command injection vulnerability exists in the Web Manager SslGenerateCertificate...
Critical | Unreviewed | CVE-2021-21888 was published Dec 23, 2021
ProTip! Advisories are also available from the GraphQL API.