GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
949 advisories
Filter by severity
The uri-block plugin in Apache APISIX before 2.10.2 uses $request_uri without verification. The ...
High
Unreviewed
CVE-2021-43557
was published
Nov 23, 2021
There is a command injection vulnerability in CMA service module of FusionCompute product when...
High
Unreviewed
CVE-2021-37102
was published
Nov 24, 2021
PoD operations on misaligned GFNs T[his CNA information record relates to multiple CVEs; the text...
High
Unreviewed
CVE-2021-28708
was published
Nov 25, 2021
PoD operations on misaligned GFNs T[his CNA information record relates to multiple CVEs; the text...
High
Unreviewed
CVE-2021-28704
was published
Nov 25, 2021
PoD operations on misaligned GFNs T[his CNA information record relates to multiple CVEs; the text...
High
Unreviewed
CVE-2021-28707
was published
Nov 25, 2021
VINGA WR-N300U 77.102.1.4853 is affected by a command execution vulnerability in the goahead...
High
Unreviewed
CVE-2021-43469
was published
Dec 7, 2021
A command Injection vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with...
High
Unreviewed
CVE-2021-42132
was published
Dec 8, 2021
A command injection vulnerability exists in Ivanti Avalanche before 6.3.3 allows an attacker with...
High
Unreviewed
CVE-2021-42129
was published
Dec 8, 2021
The executable file warning was not presented when downloading .inetloc files, which, due to a...
High
Unreviewed
CVE-2021-38510
was published
Dec 9, 2021
A crafted configuration packet sent by an authenticated administrative user can be used to...
High
Unreviewed
CVE-2021-23862
was published
Dec 9, 2021
Multiple improper neutralization of special elements used in a command vulnerabilities [CWE-77]...
High
Unreviewed
CVE-2021-36180
was published
Dec 9, 2021
SICK SOPAS ET before version 4.8.0 allows attackers to manipulate the command line arguments to...
High
Unreviewed
CVE-2021-32499
was published
Dec 18, 2021
Mesa Labs AmegaView Versions 3.0 and prior has a command injection vulnerability that can be...
High
Unreviewed
CVE-2021-27449
was published
Dec 22, 2021
A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via...
High
Unreviewed
CVE-2021-3621
was published
Dec 24, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This...
High
Unreviewed
CVE-2021-45635
was published
Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This...
High
Unreviewed
CVE-2021-45634
was published
Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This...
High
Unreviewed
CVE-2021-45633
was published
Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This...
High
Unreviewed
CVE-2021-45631
was published
Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This...
High
Unreviewed
CVE-2021-45632
was published
Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This...
High
Unreviewed
CVE-2021-45629
was published
Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This...
High
Unreviewed
CVE-2021-45628
was published
Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This...
High
Unreviewed
CVE-2021-45626
was published
Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This...
High
Unreviewed
CVE-2021-45615
was published
Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects...
High
Unreviewed
CVE-2021-45601
was published
Dec 27, 2021
Certain NETGEAR devices are affected by command injection by an authenticated user. This affects...
High
Unreviewed
CVE-2021-45602
was published
Dec 27, 2021
ProTip!
Advisories are also available from the
GraphQL API