GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
928 advisories
Improper sanitization of branch names in GitLab Runner affecting all versions prior to 15.3.5, 15...
High | Unreviewed | CVE-2022-2251 was published Jan 17, 2023
In ims service, there is a possible AT command injection due to a missing permission check. This...
High | Unreviewed | CVE-2022-20054 was published Mar 11, 2022
Okta Advanced Server Access Client for Linux and macOS prior to version 1.58.0 was found to be...
High | Unreviewed | CVE-2022-1030 was published Mar 24, 2022
The snaptPowered2 component of Snapt Aria v12.8 was discovered to contain a command injection...
High | Unreviewed | CVE-2022-24237 was published Mar 22, 2022
Improper neutralization of special elements used in a command ('Command Injection') vulnerability...
High | Unreviewed | CVE-2022-22688 was published Mar 26, 2022
Multiple improper neutralization of special elements used in a command vulnerabilities [CWE-77]...
High | Unreviewed | CVE-2021-36180 was published Dec 9, 2021
totolink EX300_v2 V4.0.3c.140_B20210429 was discovered to contain a command injection...
High | Unreviewed | CVE-2021-43663 was published Apr 1, 2022
The executable file warning was not presented when downloading .inetloc files, which, due to a...
High | Unreviewed | CVE-2021-38510 was published Dec 9, 2021
totolink EX300_v2 V4.0.3c.140_B20210429 was discovered to contain a command injection...
High | Unreviewed | CVE-2021-43664 was published Apr 1, 2022
SICK SOPAS ET before version 4.8.0 allows attackers to manipulate the command line arguments to...
High | Unreviewed | CVE-2021-32499 was published Dec 18, 2021
A vulnerability in the CLI of Cisco StarOS could allow an authenticated, local attacker to...
High | Unreviewed | CVE-2022-20665 was published Apr 7, 2022
Trendnet AC2600 TEW-827DRU version 2.08B01 is vulnerable to command injection. The system log...
High | Unreviewed | CVE-2021-20159 was published Dec 31, 2021
Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote attackers to execute arbitrary...
High | Unreviewed | CVE-2021-45978 was published Jan 5, 2022
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects...
High | Unreviewed | CVE-2021-45602 was published Dec 27, 2021
Netgear Nighthawk R6700 version 1.0.4.120 contains a command injection vulnerability in update...
High | Unreviewed | CVE-2021-20173 was published Dec 31, 2021
Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote attackers to execute arbitrary...
High | Unreviewed | CVE-2021-45979 was published Jan 5, 2022
An improper neutralization of special elements used in a command ('command injection') in Fortinet...
High | Unreviewed | CVE-2021-41016 was published Feb 8, 2022
An authenticated user may be able to misuse parameters to inject arbitrary operating system...
High | Unreviewed | CVE-2022-0999 was published Apr 12, 2022
Trendnet AC2600 TEW-827DRU version 2.08B01 contains a command injection vulnerability in the smb...
High | Unreviewed | CVE-2021-20160 was published Dec 31, 2021
An issue was discovered in ThoughtWorks GoCD before 21.3.0. An attacker with privileges to create...
High | Unreviewed | CVE-2021-43286 was published Apr 15, 2022
jpress v4.2.0 admin panel provides a function through which attackers can modify the template and...
High | Unreviewed | CVE-2021-45806 was published Jan 14, 2022
IBM AIX 7.0, 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a...
High | Unreviewed | CVE-2021-38991 was published Jan 12, 2022
An origin validation error vulnerability in Trend Micro Apex One (on-prem and SaaS) could allow a...
High | Unreviewed | CVE-2021-45441 was published Jan 11, 2022
An exploitable command injection vulnerability exists in the web management interface used by the...
High | Unreviewed | CVE-2017-2832 was published May 13, 2022
An exploitable command injection vulnerability exists in the web management interface used by the...
High | Unreviewed | CVE-2017-2833 was published May 13, 2022
ProTip! Advisories are also available from the GraphQL API.