Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,800
Erlang
36
GitHub Actions
29
Go
2,380
Maven
5,000+
npm
4,005
NuGet
720
pip
3,805
Pub
12
RubyGems
927
Rust
986
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,983 advisories

Loading
An improper input validation vulnerability in FortiClient for Linux 6.4.x before 6.4.3,... High Unreviewed
CVE-2021-22127 was published Apr 7, 2022
An improper neutralization of special elements used in an OS command vulnerability in the command... High Unreviewed
CVE-2021-26116 was published Apr 7, 2022
Hitron CHITA 7.2.2.0.3b6-CD devices contain a command injection vulnerability via the Device/DDNS... High Unreviewed
CVE-2022-25017 was published Apr 2, 2022
Netcommunity OG410X and OG810X series (Netcommunity OG410Xa, OG410Xi, OG810Xa, and OG810Xi... High Unreviewed
CVE-2022-22986 was published Apr 1, 2022
NETGEAR R8500 1.0.2.158 devices allow remote authenticated users to execute arbitrary commands ... High Unreviewed
CVE-2022-27945 was published Mar 27, 2022
NETGEAR R8500 1.0.2.158 devices allow remote authenticated users to execute arbitrary commands ... High Unreviewed
CVE-2022-27946 was published Mar 27, 2022
NETGEAR R8500 1.0.2.158 devices allow remote authenticated users to execute arbitrary commands ... High Unreviewed
CVE-2022-27947 was published Mar 27, 2022
Specially crafted string in OTRS system configuration can allow the execution of any system command. High Unreviewed
CVE-2021-36100 was published Mar 22, 2022
There is remote authenticated OS command injection on TP-Link Archer C20i 0.9.1 3.2 v003a.0 Build... High Unreviewed
CVE-2021-44827 was published Mar 5, 2022
An improper neutralization of special elements used in an OS Command vulnerability [CWE-78] in... High Unreviewed
CVE-2022-22301 was published Mar 3, 2022
A improper neutralization of special elements used in an os command ('os command injection') in... High Unreviewed
CVE-2021-43075 was published Mar 2, 2022
A command injection vulnerability in the CGI program of the Zyxel ARMOR Z1/Z2 firmware could... High Unreviewed
CVE-2021-4029 was published Feb 25, 2022
A vulnerability in the NX-API feature of Cisco NX-OS Software could allow an authenticated,... High Unreviewed
CVE-2022-20650 was published Feb 24, 2022
VMware NSX Edge contains a CLI shell injection vulnerability. A malicious actor with SSH access... High Unreviewed
CVE-2022-22945 was published Feb 17, 2022
Hidden functionality vulnerability in ELECOM LAN routers (WRH-300BK3 firmware v1.05 and earlier,... High Unreviewed
CVE-2022-21173 was published Feb 9, 2022
A improper neutralization of special elements used in an os command ('os command injection') in... High Unreviewed
CVE-2021-43073 was published Feb 8, 2022
Improper neutralization of special elements used in an OS command ('OS Command Injection')... High Unreviewed
CVE-2021-43928 was published Feb 8, 2022
A improper neutralization of special elements used in an os command ('os command injection') in... High Unreviewed
CVE-2021-41018 was published Feb 3, 2022
Liferay Portal Server tested on 7.3.5 GA6, 7.2.0 GA1 is affected by OS Command Injection. An... High Unreviewed
CVE-2020-28885 was published Jan 29, 2022
Liferay Portal Server tested on 7.3.5 GA6, 7.2.0 GA1 is affected by OS Command Injection. An... High Unreviewed
CVE-2020-28884 was published Jan 29, 2022
An OS command injection vulnerability exists in the device network settings functionality of... High Unreviewed
CVE-2021-40411 was published Jan 29, 2022
An OS command injection vulnerability exists in the device network settings functionality of... High Unreviewed
CVE-2021-40410 was published Jan 29, 2022
An OScommand injection vulnerability exists in the device network settings functionality of... High Unreviewed
CVE-2021-40412 was published Jan 29, 2022
Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain an authenticated remote code... High Unreviewed
CVE-2021-36295 was published Jan 27, 2022
Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain an authenticated remote code... High Unreviewed
CVE-2021-36296 was published Jan 27, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database