Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,869
Erlang
29
GitHub Actions
16
Go
1,717
Maven
4,951
npm
3,480
NuGet
605
pip
3,026
Pub
10
RubyGems
832
Rust
776
Swift
34
Unreviewed advisories
All unreviewed
5,000+

2,859 advisories

A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via... High Unreviewed
CVE-2021-3621 was published Dec 24, 2021
An OS command injection vulnerability exists in the Web Manager Diagnostics: Traceroute... Critical Unreviewed
CVE-2021-21872 was published Dec 23, 2021
A specially-crafted HTTP request can lead to arbitrary command execution in RSA keypasswd... Critical Unreviewed
CVE-2021-21873 was published Dec 23, 2021
A specially-crafted HTTP request can lead to arbitrary command execution in EC keypasswd... Critical Unreviewed
CVE-2021-21875 was published Dec 23, 2021
Specially-crafted HTTP requests can lead to arbitrary command execution in PUT requests. An... Critical Unreviewed
CVE-2021-21876 was published Dec 23, 2021
A specially-crafted HTTP request can lead to arbitrary command execution in DSA keypasswd... Critical Unreviewed
CVE-2021-21874 was published Dec 23, 2021
Specially-crafted HTTP requests can lead to arbitrary command execution in “GET” requests. An... Critical Unreviewed
CVE-2021-21877 was published Dec 23, 2021
An OS command injection vulnerability exists in the Web Manager Wireless Network Scanner... Critical Unreviewed
CVE-2021-21881 was published Dec 23, 2021
An OS command injection vulnerability exists in the Web Manager FsUnmount functionality of... High Unreviewed
CVE-2021-21882 was published Dec 23, 2021
An OS command injection vulnerability exists in the Web Manager Diagnostics: Ping functionality... Critical Unreviewed
CVE-2021-21883 was published Dec 23, 2021
An OS command injection vulnerability exists in the Web Manager SslGenerateCSR functionality of... Critical Unreviewed
CVE-2021-21884 was published Dec 23, 2021
An OS command injection vulnerability exists in the Web Manager SslGenerateCertificate... Critical Unreviewed
CVE-2021-21888 was published Dec 23, 2021
OS Command Injection vulnerability in the wirelessConnect handler of Abode iota All-In-One... High Unreviewed
CVE-2020-8105 was published Dec 21, 2021
FiberHome ONU GPON AN5506-04-F RP2617 is affected by an OS command injection vulnerability. This... High Unreviewed
CVE-2021-42912 was published Dec 17, 2021
Two methods of a utility class in SAP NetWeaver AS ABAP - versions 700, 701, 702, 710, 711, 730,... High Unreviewed
CVE-2021-44235 was published Dec 15, 2021
Command injection in github-todos Critical
CVE-2021-44684 was published for github-todos (npm) Dec 10, 2021
dwisiswant0
OS Command Injection in pixl-class High
CVE-2020-7640 was published for pixl-class (npm) Dec 10, 2021
OS Command Injection in Strapi High
CVE-2019-19609 was published for strapi (npm) Dec 10, 2021
A violation of secure design principles in Fortinet Meru AP version 8.6.1 and below, version 8.5... High Unreviewed
CVE-2021-42759 was published Dec 10, 2021
An unauthenticated command injection vulnerability exists in multiple parameters in the Gryphon... High Unreviewed
CVE-2021-20138 was published Dec 10, 2021
An unauthenticated command injection vulnerability exists in the parameters of operation 3 in the... High Unreviewed
CVE-2021-20139 was published Dec 10, 2021
An unauthenticated command injection vulnerability exists in the parameters of operation 32 in... High Unreviewed
CVE-2021-20141 was published Dec 10, 2021
An unauthenticated command injection vulnerability exists in the parameters of operation 10 in... High Unreviewed
CVE-2021-20140 was published Dec 10, 2021
An unauthenticated command injection vulnerability exists in the parameters of operation 41 in... High Unreviewed
CVE-2021-20142 was published Dec 10, 2021
An unauthenticated command injection vulnerability exists in the parameters of operation 48 in... High Unreviewed
CVE-2021-20143 was published Dec 10, 2021
ProTip! Advisories are also available from the GraphQL API