GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,266
Erlang
31
GitHub Actions
21
Go
2,041
Maven
5,000+
npm
3,733
NuGet
662
pip
3,414
Pub
12
RubyGems
891
Rust
866
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,091 advisories
Filter by severity
totolink EX300_v2 V4.0.3c.140_B20210429 was discovered to contain a command injection...
High
Unreviewed
CVE-2021-43663
was published
Apr 1, 2022
totolink EX300_v2 V4.0.3c.140_B20210429 was discovered to contain a command injection...
High
Unreviewed
CVE-2021-43664
was published
Apr 1, 2022
The executable file warning was not presented when downloading .inetloc files, which, due to a...
High
Unreviewed
CVE-2021-38510
was published
Dec 9, 2021
SICK SOPAS ET before version 4.8.0 allows attackers to manipulate the command line arguments to...
High
Unreviewed
CVE-2021-32499
was published
Dec 18, 2021
A vulnerability in the CLI of Cisco StarOS could allow an authenticated, local attacker to...
High
Unreviewed
CVE-2022-20665
was published
Apr 7, 2022
Trendnet AC2600 TEW-827DRU version 2.08B01 is vulnerable to command injection. The system log...
High
Unreviewed
CVE-2021-20159
was published
Dec 31, 2021
Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote attackers to execute arbitrary...
High
Unreviewed
CVE-2021-45978
was published
Jan 5, 2022
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects...
High
Unreviewed
CVE-2021-45602
was published
Dec 27, 2021
Foxit PDF Reader and PDF Editor before 11.1 on macOS allow remote attackers to execute arbitrary...
High
Unreviewed
CVE-2021-45979
was published
Jan 5, 2022
Netgear Nighthawk R6700 version 1.0.4.120 contains a command injection vulnerability in update...
High
Unreviewed
CVE-2021-20173
was published
Dec 31, 2021
A improper neutralization of special elements used in a command ('command injection') in Fortinet...
High
Unreviewed
CVE-2021-41016
was published
Feb 8, 2022
An authenticated user may be able to misuse parameters to inject arbitrary operating system...
High
Unreviewed
CVE-2022-0999
was published
Apr 12, 2022
Trendnet AC2600 TEW-827DRU version 2.08B01 contains a command injection vulnerability in the smb...
High
Unreviewed
CVE-2021-20160
was published
Dec 31, 2021
An issue was discovered in ThoughtWorks GoCD before 21.3.0. An attacker with privileges to create...
High
Unreviewed
CVE-2021-43286
was published
Apr 15, 2022
jpress v4.2.0 admin panel provides a function through which attackers can modify the template and...
High
Unreviewed
CVE-2021-45806
was published
Jan 14, 2022
IBM AIX 7.0, 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a...
High
Unreviewed
CVE-2021-38991
was published
Jan 12, 2022
A origin validation error vulnerability in Trend Micro Apex One (on-prem and SaaS) could allow a...
High
Unreviewed
CVE-2021-45441
was published
Jan 11, 2022
An exploitable command injection vulnerability exists in the web management interface used by the...
High
Unreviewed
CVE-2017-2832
was published
May 13, 2022
An exploitable command injection vulnerability exists in the web management interface used by the...
High
Unreviewed
CVE-2017-2833
was published
May 13, 2022
Improper Neutralization of Special Elements used in a Command in Apache Cassandra
High
CVE-2015-0225
was published
for
org.apache.cassandra:apache-cassandra
(Maven)
May 14, 2022
Command injection in czproject/git-php
High
CVE-2022-25866
was published
for
czproject/git-php
(Composer)
Apr 26, 2022
The BeanShell components of IRISNext through 9.8.28 allow execution of arbitrary commands on the...
High
Unreviewed
CVE-2022-26111
was published
Apr 26, 2022
SolarWinds Platform was susceptible to Command Injection. This vulnerability allows a remote...
High
Unreviewed
CVE-2022-36962
was published
Nov 29, 2022
A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy...
High
Unreviewed
CVE-2021-26684
was published
May 24, 2022
Improper Neutralization of Special Elements used in a Command in FitNesse Wiki
High
CVE-2014-1216
was published
for
org.fitnesse:fitnesse
(Maven)
May 17, 2022
ProTip!
Advisories are also available from the
GraphQL API