Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,020 advisories

Loading
Improper Neutralization of Special Elements used in a Command in FitNesse Wiki High
CVE-2014-1216 was published for org.fitnesse:fitnesse (Maven) May 17, 2022
A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy... High Unreviewed
CVE-2021-26680 was published May 24, 2022
vSphere Replication 8.3.x prior to 8.3.1.2, 8.2.x prior to 8.2.1.1, 8.1.x prior to 8.1.2.3 and 6... High Unreviewed
CVE-2021-21976 was published May 24, 2022
A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy... High Unreviewed
CVE-2021-26683 was published May 24, 2022
A remote authenticated command Injection vulnerability was discovered in Aruba ClearPass Policy... High Unreviewed
CVE-2021-26681 was published May 24, 2022
Skype for Business and Lync Remote Code Execution Vulnerability High Unreviewed
CVE-2021-26422 was published May 24, 2022
A remote unauthorized access vulnerability was discovered in Aruba AirWave Management Platform... High Unreviewed
CVE-2021-25166 was published May 24, 2022
Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability High Unreviewed
CVE-2021-28455 was published May 24, 2022
prog.cgi on D-Link DIR-3060 devices before 1.11b04 HF2 allows remote authenticated users to... High Unreviewed
CVE-2021-28144 was published May 24, 2022
** DISPUTED ** MikroTik RouterOS 6.47.9 allows remote authenticated ftp users to create or... High Unreviewed
CVE-2021-27221 was published May 24, 2022
A command Injection Vulnerability in McAfee Agent (MA) for Windows prior to 5.7.5 allows local... High Unreviewed
CVE-2021-31854 was published Jan 20, 2022
A command injection on the /admin/broadcast.php script of Invigo Automatic Device Management (ADM... High Unreviewed
CVE-2020-10580 was published May 24, 2022
An issue was discovered on Libre Wireless LS9 LS1.5/p7040 devices. There is a luci_service Read_... High Unreviewed
CVE-2020-35755 was published May 24, 2022
Visual Studio Code Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31211. High Unreviewed
CVE-2021-31214 was published May 24, 2022
Grandstream GRP261x VoIP phone running firmware version 1.0.3.6 (Base) allows Command Injection... High Unreviewed
CVE-2020-25217 was published May 24, 2022
Db2 for Linux, UNIX and Windows (includes Db2 Connect Server) is vulnerable to a denial of... High Unreviewed
CVE-2021-29703 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W,... High Unreviewed
CVE-2021-1148 was published May 24, 2022
AVE DOMINAplus <=1.10.x suffers from an unauthenticated reboot command execution. Attackers can... High Unreviewed
CVE-2020-21996 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV110W,... High Unreviewed
CVE-2021-1149 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016,... High Unreviewed
CVE-2021-1317 was published May 24, 2022
A remote arbitrary command execution vulnerability was discovered in Aruba ClearPass Policy... High Unreviewed
CVE-2021-34611 was published May 24, 2022
KLog Server through 2.4.1 allows authenticated command injection. async.php calls shell_exec() on... High Unreviewed
CVE-2021-3317 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco Small Business RV016,... High Unreviewed
CVE-2021-1316 was published May 24, 2022
On BIG-IP versions 16.0.x before 16.0.1.1, 15.1.x before 15.1.3, 14.1.x before 14.1.4, and 13.1.x... High Unreviewed
CVE-2021-23012 was published May 24, 2022
An issue was discovered in Nagios XI 5.8.5. In the Manage Dashlets section of the Admin panel, an... High Unreviewed
CVE-2021-40345 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API