Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,373
Erlang
33
GitHub Actions
22
Go
2,135
Maven
5,000+
npm
3,797
NuGet
687
pip
3,478
Pub
12
RubyGems
896
Rust
897
Swift
38
Unreviewed advisories
All unreviewed
5,000+

3,438 advisories

Loading
An unauthenticated command injection vulnerability exists in the parameters of operation 32 in... High Unreviewed
CVE-2021-20141 was published Dec 10, 2021
An unauthenticated command injection vulnerability exists in the parameters of operation 10 in... High Unreviewed
CVE-2021-20140 was published Dec 10, 2021
An unauthenticated command injection vulnerability exists in the parameters of operation 41 in... High Unreviewed
CVE-2021-20142 was published Dec 10, 2021
An unauthenticated command injection vulnerability exists in the parameters of operation 48 in... High Unreviewed
CVE-2021-20143 was published Dec 10, 2021
An unauthenticated command injection vulnerability exists in the parameters of operation 49 in... High Unreviewed
CVE-2021-20144 was published Dec 10, 2021
A command execution vulnerability exists in the wifi_country_code_update functionality of the... Critical Unreviewed
CVE-2021-21954 was published Dec 10, 2021
OS Command Injection in fsa Moderate
CVE-2020-7615 was published for fsa (npm) Dec 9, 2021
OS Command Injection in adb-driver Critical
CVE-2020-7636 was published for adb-driver (npm) Dec 9, 2021
OS Command Injection in heroku-addonpool Critical
CVE-2020-7634 was published for heroku-addonpool (npm) Dec 9, 2021
Improper neutralization of special elements in the SMA100 management interface '/cgi-bin/viewcert... High Unreviewed
CVE-2021-20039 was published Dec 9, 2021
A post-authentication remote command injection vulnerability in SonicWall SMA100 allows a remote... High Unreviewed
CVE-2021-20044 was published Dec 9, 2021
Multiple command injection vulnerabilities in the command line interpreter of FortiWeb versions 6... High Unreviewed
CVE-2021-36195 was published Dec 9, 2021
A crafted configuration packet sent by an authenticated administrative user can be used to... High Unreviewed
CVE-2021-23862 was published Dec 9, 2021
Command injection in git-it-electron Critical
CVE-2021-44685 was published for git-it-electron (npm) Dec 8, 2021
dwisiswant0
OS Command injection in docker-cli-js Moderate
CVE-2021-23732 was published for docker-cli-js (npm) Dec 2, 2021 withdrawn
ELECOM LAN routers (WRH-733GBK firmware v1.02.9 and prior and WRH-733GWH firmware v1.02.9 and... Moderate Unreviewed
CVE-2021-20853 was published Dec 2, 2021
ELECOM LAN routers (WRH-733GBK firmware v1.02.9 and prior and WRH-733GWH firmware v1.02.9 and... Moderate Unreviewed
CVE-2021-20854 was published Dec 2, 2021
ELECOM LAN routers (WRC-1167GST2 firmware v1.25 and prior, WRC-1167GST2A firmware v1.25 and prior... High Unreviewed
CVE-2021-20859 was published Dec 2, 2021
OS command injection vulnerability in ELECOM routers (WRC-1167GST2 firmware v1.25 and prior, WRC... High Unreviewed
CVE-2021-20863 was published Dec 2, 2021
OS Command Injection Vulnerability and Potential Zip Slip Vulnerability in baserCMS Critical
CVE-2021-41243 was published for baserproject/basercms (Composer) Dec 1, 2021
# Vulnerability in `pygmalion`, `pygmalion-virtualenv` and `refined` themes **Description**:... Critical Unreviewed
CVE-2021-3769 was published Dec 1, 2021
Vulnerability in dirhistory plugin Description: the widgets that go back and forward in the... High Unreviewed
CVE-2021-3725 was published Dec 1, 2021
# Vulnerability in `title` function **Description**: the `title` function defined in `lib... Critical Unreviewed
CVE-2021-3726 was published Dec 1, 2021
# Vulnerability in `rand-quote` and `hitokoto` plugins **Description**: the `rand-quote` and ... Critical Unreviewed
CVE-2021-3727 was published Dec 1, 2021
This issue was discovered when the ipTIME C200 IP Camera was synchronized with the ipTIME NAS. It... Critical Unreviewed
CVE-2020-7879 was published Dec 1, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database