Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,653
Erlang
29
GitHub Actions
16
Go
1,706
Maven
4,938
npm
3,471
NuGet
603
pip
2,985
Pub
10
RubyGems
826
Rust
772
Swift
34
Unreviewed advisories
All unreviewed
5,000+

211 advisories

Command Injection in libnmap Moderate
CVE-2018-16461 was published for libnmap (npm) Nov 1, 2018
Command Injection in dot Moderate
GHSA-4859-gpc7-4j66 was published for dot (npm) Jun 5, 2019
Rate Limiting Bypass in express-brute Moderate
GHSA-984p-xq9m-4rjw was published for express-brute (npm) Jun 7, 2019
Potential CSV Injection vector in OctoberCMS Moderate
CVE-2020-5299 was published for october/backend (Composer) Jun 3, 2020
staz0t
Command Injection in standard-version Moderate
GHSA-7xcx-6wjh-7xp2 was published for standard-version (npm) Jul 13, 2020
Command Injection in wxchangba Moderate
GHSA-j6v9-xgvh-f796 was published for wxchangba (npm) Sep 11, 2020
Arbitrary Command Injection in portprocesses Moderate
CVE-2021-23348 was published for portprocesses (npm) Apr 6, 2021
omnitaint
Arbitrary code execution in kill-by-port Moderate
CVE-2021-23363 was published for kill-by-port (npm) Apr 13, 2021
Arbitrary command execution in roar-pidusage Moderate
CVE-2021-23380 was published for roar-pidusage (npm) May 6, 2021
Script injection Moderate
CVE-2021-32661 was published for @backstage/plugin-techdocs (npm) Jun 4, 2021
Script injection Moderate
CVE-2021-32660 was published for @backstage/techdocs-common (npm) Jun 4, 2021
Data races in noise_search Moderate
CVE-2020-36461 was published for noise_search (Rust) Aug 25, 2021
Argument injection in lettre Moderate
CVE-2020-28247 was published for lettre (Rust) Aug 25, 2021
vin01
By executing a special command, an user with administrative rights can get access to extended... Moderate Unreviewed
CVE-2021-23861 was published Dec 9, 2021
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... Moderate Unreviewed
CVE-2021-45593 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... Moderate Unreviewed
CVE-2021-45592 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... Moderate Unreviewed
CVE-2021-45594 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... Moderate Unreviewed
CVE-2021-45591 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... Moderate Unreviewed
CVE-2021-45589 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... Moderate Unreviewed
CVE-2021-45590 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... Moderate Unreviewed
CVE-2021-45588 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... Moderate Unreviewed
CVE-2021-45587 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... Moderate Unreviewed
CVE-2021-45586 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... Moderate Unreviewed
CVE-2021-45585 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects... Moderate Unreviewed
CVE-2021-45583 was published Dec 27, 2021
ProTip! Advisories are also available from the GraphQL API