GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
817 advisories
Filter by severity
Zoho ManageEngine Network Configuration Manager before 125488 is vulnerable to command injection...
Critical
Unreviewed
CVE-2021-43319
was published
Dec 1, 2021
An issue was discovered in Digi TransPort DR64, SR44 VC74, and WR. The ZING protocol allows...
Critical
Unreviewed
CVE-2021-35978
was published
Dec 11, 2021
Mesa Labs AmegaView version 3.0 is vulnerable to a command injection, which may allow an attacker...
Critical
Unreviewed
CVE-2021-27447
was published
Dec 22, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This...
Critical
Unreviewed
CVE-2021-45630
was published
Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This...
Critical
Unreviewed
CVE-2021-45627
was published
Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This...
Critical
Unreviewed
CVE-2021-45625
was published
Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This...
Critical
Unreviewed
CVE-2021-45624
was published
Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This...
Critical
Unreviewed
CVE-2021-45623
was published
Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This...
Critical
Unreviewed
CVE-2021-45620
was published
Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This...
Critical
Unreviewed
CVE-2021-45621
was published
Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This...
Critical
Unreviewed
CVE-2021-45622
was published
Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This...
Critical
Unreviewed
CVE-2021-45617
was published
Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This...
Critical
Unreviewed
CVE-2021-45616
was published
Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This...
Critical
Unreviewed
CVE-2021-45614
was published
Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This...
Critical
Unreviewed
CVE-2021-45619
was published
Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This...
Critical
Unreviewed
CVE-2021-45618
was published
Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This...
Critical
Unreviewed
CVE-2021-45612
was published
Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This...
Critical
Unreviewed
CVE-2021-45613
was published
Dec 27, 2021
NETGEAR XR1000 devices before 1.0.0.58 are affected by command injection by an unauthenticated...
Critical
Unreviewed
CVE-2021-45513
was published
Dec 27, 2021
The downloadFlile.cgi binary file in TOTOLINK EX200 V4.0.3c.7646_B20201211 has a command...
Critical
Unreviewed
CVE-2021-43711
was published
Jan 5, 2022
jpress v4.2.0 is vulnerable to command execution via io.jpress.web.admin._AddonController:...
Critical
Unreviewed
CVE-2021-45807
was published
Jan 14, 2022
China Mobile An Lianbao WF-1 v1.0.1 router web interface through /api/ZRMacClone/mac_addr_clone...
Critical
Unreviewed
CVE-2021-33963
was published
Jan 16, 2022
Embedded web server command injection vulnerability in Lexmark devices through 2021-12-07.
Critical
Unreviewed
CVE-2021-44735
was published
Jan 21, 2022
lib/Image/ExifTool.pm in ExifTool before 12.38 mishandles a $file =~ /\|$/ check.
Critical
Unreviewed
CVE-2022-23935
was published
Jan 26, 2022
The firmware on Moxa TN-5900 devices through 3.1 allows command injection that could lead to...
Critical
Unreviewed
CVE-2021-46560
was published
Jan 27, 2022
ProTip!
Advisories are also available from the
GraphQL API