Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,360
Erlang
33
GitHub Actions
22
Go
2,127
Maven
5,000+
npm
3,793
NuGet
683
pip
3,471
Pub
12
RubyGems
894
Rust
894
Swift
38
Unreviewed advisories
All unreviewed
5,000+

986 advisories

Loading
Embedded web server command injection vulnerability in Lexmark devices through 2021-12-07. Critical Unreviewed
CVE-2021-44735 was published Jan 21, 2022
China Mobile An Lianbao WF-1 v1.0.1 router web interface through /api/ZRMacClone/mac_addr_clone... Critical Unreviewed
CVE-2021-33963 was published Jan 16, 2022
jpress v4.2.0 is vulnerable to command execution via io.jpress.web.admin._AddonController:... Critical Unreviewed
CVE-2021-45807 was published Jan 14, 2022
Command Injection in node-windows Critical
CVE-2021-45459 was published for node-windows (npm) Jan 5, 2022
dwisiswant0 tdunlap607
The downloadFlile.cgi binary file in TOTOLINK EX200 V4.0.3c.7646_B20201211 has a command... Critical Unreviewed
CVE-2021-43711 was published Jan 5, 2022
NETGEAR XR1000 devices before 1.0.0.58 are affected by command injection by an unauthenticated... Critical Unreviewed
CVE-2021-45513 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Critical Unreviewed
CVE-2021-45612 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Critical Unreviewed
CVE-2021-45613 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Critical Unreviewed
CVE-2021-45618 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Critical Unreviewed
CVE-2021-45617 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Critical Unreviewed
CVE-2021-45616 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Critical Unreviewed
CVE-2021-45619 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Critical Unreviewed
CVE-2021-45614 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Critical Unreviewed
CVE-2021-45621 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Critical Unreviewed
CVE-2021-45620 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Critical Unreviewed
CVE-2021-45622 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Critical Unreviewed
CVE-2021-45623 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Critical Unreviewed
CVE-2021-45624 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Critical Unreviewed
CVE-2021-45625 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Critical Unreviewed
CVE-2021-45627 was published Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Critical Unreviewed
CVE-2021-45630 was published Dec 27, 2021
Mesa Labs AmegaView version 3.0 is vulnerable to a command injection, which may allow an attacker... Critical Unreviewed
CVE-2021-27447 was published Dec 22, 2021
Command injection in itext7-core Critical
CVE-2021-43113 was published for com.itextpdf:itext7-core (Maven) Dec 16, 2021
An issue was discovered in Digi TransPort DR64, SR44 VC74, and WR. The ZING protocol allows... Critical Unreviewed
CVE-2021-35978 was published Dec 11, 2021
Zoho ManageEngine Network Configuration Manager before 125488 is vulnerable to command injection... Critical Unreviewed
CVE-2021-43319 was published Dec 1, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database