GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,318
Erlang
31
GitHub Actions
21
Go
2,076
Maven
5,000+
npm
3,746
NuGet
674
pip
3,434
Pub
12
RubyGems
892
Rust
880
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,841 advisories
Filter by severity
A improper neutralization of special elements used in an os command ('os command injection') in...
High
Unreviewed
CVE-2021-41018
was published
Feb 3, 2022
Liferay Portal Server tested on 7.3.5 GA6, 7.2.0 GA1 is affected by OS Command Injection. An...
High
Unreviewed
CVE-2020-28885
was published
Jan 29, 2022
Liferay Portal Server tested on 7.3.5 GA6, 7.2.0 GA1 is affected by OS Command Injection. An...
High
Unreviewed
CVE-2020-28884
was published
Jan 29, 2022
An OS command injection vulnerability exists in the device network settings functionality of...
High
Unreviewed
CVE-2021-40411
was published
Jan 29, 2022
An OScommand injection vulnerability exists in the device network settings functionality of...
High
Unreviewed
CVE-2021-40412
was published
Jan 29, 2022
An OS command injection vulnerability exists in the device network settings functionality of...
High
Unreviewed
CVE-2021-40410
was published
Jan 29, 2022
Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain an authenticated remote code...
High
Unreviewed
CVE-2021-36295
was published
Jan 27, 2022
Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain an authenticated remote code...
High
Unreviewed
CVE-2021-36296
was published
Jan 27, 2022
Improper sanitization in the invocation of ODA File Converter from FreeCAD 0.19 allows an...
High
Unreviewed
CVE-2021-45844
was published
Jan 26, 2022
The Path Sanity Check script of FreeCAD 0.19 is vulnerable to OS command injection, allowing an...
High
Unreviewed
CVE-2021-45845
was published
Jan 26, 2022
Dell EMC Unity, Dell EMC UnityVSA and Dell EMC Unity XT versions prior to 5.1.2.0.5.007 contain...
High
Unreviewed
CVE-2021-43589
was published
Jan 25, 2022
A command Injection Vulnerability in McAfee Agent (MA) for Windows prior to 5.7.5 allows local...
High
Unreviewed
CVE-2021-31854
was published
Jan 20, 2022
IBM FileNet Content Manager 5.5.4, 5.5.6, and 5.5.7 could allow a remote authenticated attacker...
High
Unreviewed
CVE-2021-38965
was published
Jan 18, 2022
The files_antivirus component before 1.0.0 for ownCloud allows OS Command Injection via the...
High
Unreviewed
CVE-2021-33827
was published
Jan 16, 2022
In Lens prior to 5.3.4, custom helm chart configuration creates helm commands from string...
High
Unreviewed
CVE-2021-23154
was published
Jan 11, 2022
A vulnerability in the TFTP client of Zyxel GS1900 series firmware, XGS1210 series firmware, and...
High
Unreviewed
CVE-2021-35031
was published
Dec 29, 2021
A vulnerability in the 'libsal.so' of the Zyxel GS1900 series firmware version 2.60 could allow...
High
Unreviewed
CVE-2021-35032
was published
Dec 29, 2021
TP-Link wifi router TL-WR802N V4(JP), with firmware version prior to 211202, is vulnerable to OS...
High
Unreviewed
CVE-2021-4144
was published
Dec 24, 2021
A server side remote code execution vulnerability was found in Foreman project. A authenticated...
High
Unreviewed
CVE-2021-3584
was published
Dec 24, 2021
A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via...
High
Unreviewed
CVE-2021-3621
was published
Dec 24, 2021
An OS command injection vulnerability exists in the Web Manager FsUnmount functionality of...
High
Unreviewed
CVE-2021-21882
was published
Dec 23, 2021
OS Command Injection vulnerability in the wirelessConnect handler of Abode iota All-In-One...
High
Unreviewed
CVE-2020-8105
was published
Dec 21, 2021
FiberHome ONU GPON AN5506-04-F RP2617 is affected by an OS command injection vulnerability. This...
High
Unreviewed
CVE-2021-42912
was published
Dec 17, 2021
Two methods of a utility class in SAP NetWeaver AS ABAP - versions 700, 701, 702, 710, 711, 730,...
High
Unreviewed
CVE-2021-44235
was published
Dec 15, 2021
A violation of secure design principles in Fortinet Meru AP version 8.6.1 and below, version 8.5...
High
Unreviewed
CVE-2021-42759
was published
Dec 10, 2021
ProTip!
Advisories are also available from the
GraphQL API