GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,004
Composer 4,056
Erlang 29
GitHub Actions 19
Go 1,889
Maven 5,081
npm 3,618
NuGet 638
pip 3,231
Pub 10
RubyGems 854
Rust 817
Swift 35

Unreviewed advisories

All unreviewed 227,924

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

189 advisories

Filter by severity

Sort by

Least recently updated

The Device42 Main Appliance before 17.05.01 does not sanitize user input in its Nmap Discovery... High Unreviewed

CVE-2021-41316 was published May 24, 2022

A Shell Metacharacter Injection vulnerability in result.php in DRK Odenwaldkreis Testerfassung... High Unreviewed

CVE-2021-35062 was published May 24, 2022

Quectel EG25-G devices through 202006130814 allow executing arbitrary code remotely by using an... Critical Unreviewed

CVE-2021-31698 was published May 24, 2022

An OS command argument injection vulnerability in the Palo Alto Networks PAN-OS web interface... Moderate Unreviewed

CVE-2021-3045 was published May 24, 2022

By abusing the 'install rpm info detail' command, an attacker can escape the restricted clish... High Unreviewed

CVE-2021-3540 was published May 24, 2022

An Argument Injection issue in the plugin management of Etherpad 1.8.13 allows privileged users... High Unreviewed

CVE-2021-34816 was published May 24, 2022

An issue was discovered in Echo ShareCare 8.15.5. The UnzipFile feature in Access... High Unreviewed

CVE-2021-36122 was published May 24, 2022

KuaiFanCMS V5.x contains an arbitrary file read vulnerability in the html_url parameter of the... Moderate Unreviewed

CVE-2021-3256 was published May 24, 2022

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker... High Unreviewed

CVE-2021-1485 was published May 24, 2022

NBBDownloader.ocx ActiveX Control in Groupware contains a vulnerability that could allow remote... High Unreviewed

CVE-2020-7850 was published May 24, 2022

Multiple vulnerabilities in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated,... High Unreviewed

CVE-2021-1454 was published May 24, 2022

The fbgames protocol handler registered as part of Facebook Gameroom does not properly quote... Critical Unreviewed

CVE-2021-24030 was published May 24, 2022

In JetBrains TeamCity before 2020.2.3, argument injection leading to remote code execution was... Critical Unreviewed

CVE-2021-31909 was published May 24, 2022

Innorix Web-Based File Transfer Solution versuibs prior to and including 9.2.18.385 contains a... High Unreviewed

CVE-2020-7851 was published May 24, 2022

A vulnerability in the web UI of Cisco Modeling Labs could allow an authenticated, remote... High Unreviewed

CVE-2021-1531 was published May 24, 2022

A Remote Code Execution vulnerability has been found in Inspur ClusterEngine V4.0. A remote... Critical Unreviewed

CVE-2020-21224 was published May 24, 2022

DrayTek Vigor2960 1.5.1 allows remote command execution via shell metacharacters in a toLogin2FA... High Unreviewed

CVE-2020-19664 was published May 24, 2022

Xinuos (formerly SCO) Openserver v5 and v6 allows attackers to execute arbitrary commands via... Critical Unreviewed

CVE-2020-25494 was published May 24, 2022

A vulnerability in the remote management feature of Cisco SD-WAN vManage Software could allow an... High Unreviewed

CVE-2020-27129 was published May 24, 2022

Improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability... Moderate Unreviewed

CVE-2020-5657 was published May 24, 2022

Improper neutralization of argument delimiters in a command in Nagios XI 5.7.3 allows a remote,... High Unreviewed

CVE-2020-5792 was published May 24, 2022

Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option,... Moderate Unreviewed

CVE-2020-17367 was published May 24, 2022

Multiple vulnerabilities in the CLI of Cisco IOS XE SD-WAN Software could allow an authenticated,... High Unreviewed

CVE-2021-1383 was published May 24, 2022

rcube_image.php in Roundcube Webmail before 1.4.4 allows attackers to execute arbitrary code via... High Unreviewed

CVE-2020-12641 was published May 24, 2022

Command line arguments could have been injected during Firefox invocation as a shell handler for... Moderate Unreviewed

CVE-2020-6799 was published May 24, 2022

Previous 1 2 3 4 5 6 7 8 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

189 advisories