Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,205 advisories

Loading
A remote authenticated command Injection vulnerability was discovered in Aruba ClearPass Policy... High Unreviewed
CVE-2021-26681 was published May 24, 2022
A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy... High Unreviewed
CVE-2021-26680 was published May 24, 2022
vSphere Replication 8.3.x prior to 8.3.1.2, 8.2.x prior to 8.2.1.1, 8.1.x prior to 8.1.2.3 and 6... High Unreviewed
CVE-2021-21976 was published May 24, 2022
A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy... High Unreviewed
CVE-2021-26683 was published May 24, 2022
D-Link DSL-2750B devices before 1.05 allow remote unauthenticated command injection via the login... Critical Unreviewed
CVE-2016-20017 was published Oct 19, 2022
Improper Neutralization of Special Elements used in a Command in FitNesse Wiki High
CVE-2014-1216 was published for org.fitnesse:fitnesse (Maven) May 17, 2022
A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy... High Unreviewed
CVE-2021-26684 was published May 24, 2022
SolarWinds Platform was susceptible to Command Injection. This vulnerability allows a remote... High Unreviewed
CVE-2022-36962 was published Nov 29, 2022
The BeanShell components of IRISNext through 9.8.28 allow execution of arbitrary commands on the... High Unreviewed
CVE-2022-26111 was published Apr 26, 2022
Improper Neutralization of Special Elements used in a Command in Apache Cassandra High
CVE-2015-0225 was published for org.apache.cassandra:apache-cassandra (Maven) May 14, 2022
Command injection in czproject/git-php High
CVE-2022-25866 was published for czproject/git-php (Composer) Apr 26, 2022
Multiple command injections and stack-based buffer overflows vulnerabilities in the... Critical Unreviewed
CVE-2021-26727 was published Oct 24, 2022
Command injection and multiple stack-based buffer overflows vulnerabilities in the... Critical Unreviewed
CVE-2021-26729 was published Oct 24, 2022
OS Command Injection in git-pull-or-clone Critical
CVE-2022-24437 was published for git-pull-or-clone (npm) May 3, 2022
lirantal
An exploitable command injection vulnerability exists in the web management interface used by the... High Unreviewed
CVE-2017-2833 was published May 13, 2022
Command injection and multiple stack-based buffer overflows vulnerabilities in the... Critical Unreviewed
CVE-2021-26731 was published Oct 24, 2022
An exploitable command injection vulnerability exists in the web management interface used by the... High Unreviewed
CVE-2017-2832 was published May 13, 2022
Command injection in npm-dependency-versions Critical
CVE-2022-29080 was published for npm-dependency-versions (npm) Apr 13, 2022
p-w
Command injection and stack-based buffer overflow vulnerabilities in the KillDupUsr_func function... Critical Unreviewed
CVE-2021-26728 was published Oct 24, 2022
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection... Critical Unreviewed
CVE-2022-44844 was published Nov 25, 2022
A origin validation error vulnerability in Trend Micro Apex One (on-prem and SaaS) could allow a... High Unreviewed
CVE-2021-45441 was published Jan 11, 2022
IBM AIX 7.0, 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a... High Unreviewed
CVE-2021-38991 was published Jan 12, 2022
A Remote Command Execution (RCE) vulnerability exists in HNAP1/control... Critical Unreviewed
CVE-2021-46314 was published Feb 18, 2022
jpress v4.2.0 admin panel provides a function through which attackers can modify the template and... High Unreviewed
CVE-2021-45806 was published Jan 14, 2022
An issue was discovered in ThoughtWorks GoCD before 21.3.0. An attacker with privileges to create... High Unreviewed
CVE-2021-43286 was published Apr 15, 2022
ProTip! Advisories are also available from the GraphQL API