GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,205 advisories
A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy...
High, Unreviewed. CVE-2021-26681 was published May 24, 2022

A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy...
High, Unreviewed. CVE-2021-26680 was published May 24, 2022

vSphere Replication 8.3.x prior to 8.3.1.2, 8.2.x prior to 8.2.1.1, 8.1.x prior to 8.1.2.3 and 6...
High, Unreviewed. CVE-2021-21976 was published May 24, 2022

A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy...
High, Unreviewed. CVE-2021-26683 was published May 24, 2022

D-Link DSL-2750B devices before 1.05 allow remote unauthenticated command injection via the login...
Critical, Unreviewed. CVE-2016-20017 was published Oct 19, 2022

Improper Neutralization of Special Elements used in a Command in FitNesse Wiki
High. CVE-2014-1216 was published for org.fitnesse:fitnesse (Maven) May 17, 2022

A remote authenticated command injection vulnerability was discovered in Aruba ClearPass Policy...
High, Unreviewed. CVE-2021-26684 was published May 24, 2022

SolarWinds Platform was susceptible to Command Injection. This vulnerability allows a remote...
High, Unreviewed. CVE-2022-36962 was published Nov 29, 2022

The BeanShell components of IRISNext through 9.8.28 allow execution of arbitrary commands on the...
High, Unreviewed. CVE-2022-26111 was published Apr 26, 2022

Improper Neutralization of Special Elements used in a Command in Apache Cassandra
High. CVE-2015-0225 was published for org.apache.cassandra:apache-cassandra (Maven) May 14, 2022

Command injection in czproject/git-php
High. CVE-2022-25866 was published for czproject/git-php (Composer) Apr 26, 2022

Multiple command injections and stack-based buffer overflows vulnerabilities in the...
Critical, Unreviewed. CVE-2021-26727 was published Oct 24, 2022

Command injection and multiple stack-based buffer overflows vulnerabilities in the...
Critical, Unreviewed. CVE-2021-26729 was published Oct 24, 2022

OS Command Injection in git-pull-or-clone
Critical. CVE-2022-24437 was published for git-pull-or-clone (npm) May 3, 2022

An exploitable command injection vulnerability exists in the web management interface used by the...
High, Unreviewed. CVE-2017-2833 was published May 13, 2022

Command injection and multiple stack-based buffer overflows vulnerabilities in the...
Critical, Unreviewed. CVE-2021-26731 was published Oct 24, 2022

An exploitable command injection vulnerability exists in the web management interface used by the...
High, Unreviewed. CVE-2017-2832 was published May 13, 2022

Command injection in npm-dependency-versions
Critical. CVE-2022-29080 was published for npm-dependency-versions (npm) Apr 13, 2022

Command injection and stack-based buffer overflow vulnerabilities in the KillDupUsr_func function...
Critical, Unreviewed. CVE-2021-26728 was published Oct 24, 2022

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection...
Critical, Unreviewed. CVE-2022-44844 was published Nov 25, 2022

An origin validation error vulnerability in Trend Micro Apex One (on-prem and SaaS) could allow a...
High, Unreviewed. CVE-2021-45441 was published Jan 11, 2022

IBM AIX 7.0, 7.1, 7.2, and VIOS 3.1 could allow a non-privileged local user to exploit a...
High, Unreviewed. CVE-2021-38991 was published Jan 12, 2022

A Remote Command Execution (RCE) vulnerability exists in HNAP1/control...
Critical, Unreviewed. CVE-2021-46314 was published Feb 18, 2022

jpress v4.2.0 admin panel provides a function through which attackers can modify the template and...
High, Unreviewed. CVE-2021-45806 was published Jan 14, 2022

An issue was discovered in ThoughtWorks GoCD before 21.3.0. An attacker with privileges to create...
High, Unreviewed. CVE-2021-43286 was published Apr 15, 2022