GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,369
Composer 4,373
Erlang 33
GitHub Actions 22
Go 2,135
Maven 5,313
npm 3,797
NuGet 687
pip 3,478
Pub 12
RubyGems 896
Rust 897
Swift 38

Unreviewed advisories

All unreviewed 245,479

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

866 advisories

Filter by severity

Sort by

Least recently updated

OS Command Injection in GitHub repository part-db/part-db prior to 0.5.11. Critical Unreviewed

CVE-2022-0848 was published Mar 5, 2022

Hicos citizen certificate client-side component does not filter special characters for command... Critical Unreviewed

CVE-2020-12775 was published Mar 2, 2022

A command injection vulnerability in the web interface of the Zyxel NWA-1100-NH firmware could... Critical Unreviewed

CVE-2021-4039 was published Mar 2, 2022

JetBrains TeamCity before 2021.2.3 was vulnerable to OS command injection in the Agent Push... Critical Unreviewed

CVE-2022-25263 was published Feb 26, 2022

MMP: All versions prior to v1.0.3, PTP C-series: Device versions prior to v2.8.6.1, and PTMP C... Critical Unreviewed

CVE-2022-21143 was published Feb 19, 2022

A Remote Command Execution (RCE) vulnerability exists in all series H/W revisions D-link DIR-810L... Critical Unreviewed

CVE-2021-45382 was published Feb 18, 2022

Remote Command Execution (RCE) vulnerability exists in HNAP1/control/SetWizardConfig.php in D... Critical Unreviewed

CVE-2021-46315 was published Feb 18, 2022

Remote Code Execution (RCE) vulnerability exists in D-Link Router DIR-846 DIR846A1_FW100A43.bin... Critical Unreviewed

CVE-2021-46319 was published Feb 18, 2022

A trivial sandbox (enabled with the `-dSAFER` option) escape flaw was found in the ghostscript... Critical Unreviewed

CVE-2021-3781 was published Feb 17, 2022

An OS command injection was found in SecuwaySSL, when special characters injection on execute... Critical Unreviewed

CVE-2021-26616 was published Feb 11, 2022

Multiple vulnerabilities in Cisco Small Business RV160, RV260, RV340, and RV345 Series Routers... Critical Unreviewed

CVE-2022-20708 was published Feb 11, 2022

Remote Code Execution in cominput.jsp and comoutput.jsp in Northstar Technologies Inc NorthStar... Critical Unreviewed

CVE-2021-29393 was published Feb 10, 2022

The affected product is vulnerable to an authenticated OS command injection, which may allow an... Critical Unreviewed

CVE-2022-0365 was published Feb 10, 2022

D-Link device DIR_878_FW1.30B08_Hotfix_02 was discovered to contain a command injection... Critical Unreviewed

CVE-2021-44882 was published Feb 8, 2022

D-Link devices DIR_878 DIR_878_FW1.30B08_Hotfix_02 and DIR_882 DIR_882_FW1.30B06_Hotfix_02 were... Critical Unreviewed

CVE-2021-44880 was published Feb 8, 2022

D-Link device DIR_882 DIR_882_FW1.30B06_Hotfix_02 was discovered to contain a command injection... Critical Unreviewed

CVE-2021-44881 was published Feb 8, 2022

An OS command injection vulnerability exists in the device network settings functionality of... Critical Unreviewed

CVE-2021-40409 was published Jan 29, 2022

An OS command injection vulnerability exists in the device network settings functionality of... Critical Unreviewed

CVE-2021-40408 was published Jan 29, 2022

An OS command injection vulnerability exists in the device network settings functionality of... Critical Unreviewed

CVE-2021-40407 was published Jan 29, 2022

China Mobile An Lianbao WF-1 router v1.0.1 is affected by an OS command injection vulnerability... Critical Unreviewed

CVE-2021-33962 was published Jan 15, 2022

mySCADA myPRO: Versions 8.20.0 and prior has a feature where the password can be specified, which... Critical Unreviewed

CVE-2021-23198 was published Dec 24, 2021

mySCADA myPRO: Versions 8.20.0 and prior has a feature where the API password can be specified,... Critical Unreviewed

CVE-2021-22657 was published Dec 24, 2021

mySCADA myPRO: Versions 8.20.0 and prior has a feature where the firmware can be updated, which... Critical Unreviewed

CVE-2021-43984 was published Dec 24, 2021

mySCADA myPRO: Versions 8.20.0 and prior has a feature to send emails, which may allow an... Critical Unreviewed

CVE-2021-43981 was published Dec 24, 2021

mySCADA myPRO: Versions 8.20.0 and prior has a vulnerable debug interface which includes a ping... Critical Unreviewed

CVE-2021-44453 was published Dec 24, 2021

Previous 1 2 … 31 32 33 34 35 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

866 advisories