Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

3,263 advisories

Loading
A crafted configuration packet sent by an authenticated administrative user can be used to... High Unreviewed
CVE-2021-23862 was published Dec 9, 2021
Multiple command injection vulnerabilities in the command line interpreter of FortiWeb versions 6... High Unreviewed
CVE-2021-36195 was published Dec 9, 2021
A post-authentication remote command injection vulnerability in SonicWall SMA100 allows a remote... High Unreviewed
CVE-2021-20044 was published Dec 9, 2021
Improper neutralization of special elements in the SMA100 management interface '/cgi-bin/viewcert... High Unreviewed
CVE-2021-20039 was published Dec 9, 2021
OS Command Injection in heroku-addonpool Critical
CVE-2020-7634 was published for heroku-addonpool (npm) Dec 9, 2021
OS Command Injection in adb-driver Critical
CVE-2020-7636 was published for adb-driver (npm) Dec 9, 2021
OS Command Injection in fsa Moderate
CVE-2020-7615 was published for fsa (npm) Dec 9, 2021
A command execution vulnerability exists in the wifi_country_code_update functionality of the... Critical Unreviewed
CVE-2021-21954 was published Dec 10, 2021
An unauthenticated command injection vulnerability exists in the parameters of operation 49 in... High Unreviewed
CVE-2021-20144 was published Dec 10, 2021
An unauthenticated command injection vulnerability exists in the parameters of operation 48 in... High Unreviewed
CVE-2021-20143 was published Dec 10, 2021
An unauthenticated command injection vulnerability exists in the parameters of operation 41 in... High Unreviewed
CVE-2021-20142 was published Dec 10, 2021
An unauthenticated command injection vulnerability exists in the parameters of operation 10 in... High Unreviewed
CVE-2021-20140 was published Dec 10, 2021
An unauthenticated command injection vulnerability exists in the parameters of operation 32 in... High Unreviewed
CVE-2021-20141 was published Dec 10, 2021
An unauthenticated command injection vulnerability exists in the parameters of operation 3 in the... High Unreviewed
CVE-2021-20139 was published Dec 10, 2021
An unauthenticated command injection vulnerability exists in multiple parameters in the Gryphon... High Unreviewed
CVE-2021-20138 was published Dec 10, 2021
A violation of secure design principles in Fortinet Meru AP version 8.6.1 and below, version 8.5... High Unreviewed
CVE-2021-42759 was published Dec 10, 2021
OS Command Injection in Strapi High
CVE-2019-19609 was published for strapi (npm) Dec 10, 2021
OS Command Injection in pixl-class High
CVE-2020-7640 was published for pixl-class (npm) Dec 10, 2021
Command injection in github-todos Critical
CVE-2021-44684 was published for github-todos (npm) Dec 10, 2021
dwisiswant0
Two methods of a utility class in SAP NetWeaver AS ABAP - versions 700, 701, 702, 710, 711, 730,... High Unreviewed
CVE-2021-44235 was published Dec 15, 2021
FiberHome ONU GPON AN5506-04-F RP2617 is affected by an OS command injection vulnerability. This... High Unreviewed
CVE-2021-42912 was published Dec 17, 2021
OS Command Injection vulnerability in the wirelessConnect handler of Abode iota All-In-One... High Unreviewed
CVE-2020-8105 was published Dec 21, 2021
An OS command injection vulnerability exists in the Web Manager SslGenerateCertificate... Critical Unreviewed
CVE-2021-21888 was published Dec 23, 2021
An OS command injection vulnerability exists in the Web Manager Diagnostics: Ping functionality... Critical Unreviewed
CVE-2021-21883 was published Dec 23, 2021
An OS command injection vulnerability exists in the Web Manager SslGenerateCSR functionality of... Critical Unreviewed
CVE-2021-21884 was published Dec 23, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database