GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,763
Composer 4,750
Erlang 35
GitHub Actions 29
Go 2,323
Maven 5,608
npm 3,956
NuGet 712
pip 3,739
Pub 12
RubyGems 921
Rust 973
Swift 38

Unreviewed advisories

All unreviewed 258,266

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,120 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A command injection vulnerability has been reported to affect QNAP NAS running legacy versions of... Critical Unreviewed

CVE-2021-28800 was published May 24, 2022

A vulnerability exists in RaspAP 2.6 to 2.6.5 in the "iface" GET parameter in /ajax/networking... Critical Unreviewed

CVE-2021-33357 was published May 24, 2022

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker via the... Critical Unreviewed

CVE-2021-33514 was published May 24, 2022

The api/ZRIptv/setIptvInfo interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote... Critical Unreviewed

CVE-2021-30233 was published May 24, 2022

The api/ZRFirmware/set_time_zone interface in China Mobile An Lianbao WF-1 router 1.0.1 allows... Critical Unreviewed

CVE-2021-30230 was published May 24, 2022

The api/ZRIGMP/set_IGMP_PROXY interface in China Mobile An Lianbao WF-1 router 1.0.1 allows... Critical Unreviewed

CVE-2021-30232 was published May 24, 2022

An OS command injection vulnerability in the installUpdateThemePluginAction function in index.php... Critical Unreviewed

CVE-2020-35314 was published May 24, 2022

Command Injection in TOTOLINK X5000R router with firmware v9.1.0u.6118_B20201102, and TOTOLINK... Critical Unreviewed

CVE-2021-27710 was published May 24, 2022

Vembu BDR Suite before 4.2.0 allows Unauthenticated Remote Code Execution by placing a command in... Critical Unreviewed

CVE-2021-26472 was published May 24, 2022

SmartFabric storage software version 1.0.0 contains a Command-Injection vulnerability. A remote... Critical Unreviewed

CVE-2022-31232 was published Aug 31, 2022

zzzcms zzzphp before 2.0.4 allows remote attackers to execute arbitrary OS commands by placing... Critical Unreviewed

CVE-2021-32605 was published May 24, 2022

SolarView Compact SV-CPT-MC310 prior to Ver.6.5 allows an attacker to execute arbitrary OS... Critical Unreviewed

CVE-2021-20658 was published May 24, 2022

In JetBrains TeamCity before 2020.2.4, OS command injection leading to remote code execution was... Critical Unreviewed

CVE-2021-31915 was published May 24, 2022

Netis WF2780 2.3.40404 and WF2411 1.1.29629 devices allow Shell Metacharacter Injection into the... Critical Unreviewed

CVE-2021-26747 was published May 24, 2022

The api/ZRIGMP/set_MLD_PROXY interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote... Critical Unreviewed

CVE-2021-30234 was published May 24, 2022

The api/zrDm/set_ZRElink interface in China Mobile An Lianbao WF-1 router 1.0.1 allows remote... Critical Unreviewed

CVE-2021-30231 was published May 24, 2022

The api/ZRAndlink/set_ZRAndlink interface in China Mobile An Lianbao WF-1 router 1.0.1 allows... Critical Unreviewed

CVE-2021-30228 was published May 24, 2022

An input validation flaw in the Symantec Security Analytics web UI 7.2 prior 7.2.7, 8.1, prior to... Critical Unreviewed

CVE-2021-30642 was published May 24, 2022

Aterm WG2600HS firmware Ver1.5.1 and earlier allows an attacker to execute arbitrary OS commands... Critical Unreviewed

CVE-2021-20711 was published May 24, 2022

Command Injection in TOTOLINK X5000R router with firmware v9.1.0u.6118_B20201102, and TOTOLINK... Critical Unreviewed

CVE-2021-27708 was published May 24, 2022

An issue was discovered in D-Link DIR-816 A2 1.10 B05 devices. An HTTP request parameter is used... Critical Unreviewed

CVE-2021-27113 was published May 24, 2022

WebSVN before 2.6.1 allows remote attackers to execute arbitrary commands via shell... Critical Unreviewed

CVE-2021-32305 was published May 24, 2022

HNAP1/control/SetMasterWLanSettings.php in D-Link D-Link Router DIR-846 DIR-846 A1_100.26 allows... Critical Unreviewed

CVE-2020-27600 was published May 24, 2022

A remote execution of arbitrary commands vulnerability was discovered in some Aruba Instant... Critical Unreviewed

CVE-2020-24636 was published May 24, 2022

Genexis PLATINUM 4410 2.1 P4410-V2-1.28 devices allow remote attackers to execute arbitrary code... Critical Unreviewed

CVE-2021-29003 was published May 24, 2022

Previous 1 2 … 37 38 39 40 41 … 44 45 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,120 advisories