GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,077
Erlang: 29
GitHub Actions: 19
Go: 1,903
Maven: 5,000+
npm: 3,632
NuGet: 638
pip: 3,249
Pub: 10
RubyGems: 864
Rust: 818
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
301 advisories
Dell NetWorker, versions 18.x and 19.x contain an Information disclosure vulnerability. A...
Moderate | Unreviewed | CVE-2021-21570 was published May 24, 2022

Dell NetWorker, versions 18.x and 19.x contain a Path traversal vulnerability. A NetWorker server...
Moderate | Unreviewed | CVE-2021-21569 was published May 24, 2022

Improper neutralization of special elements in the SMA100 management interface allows a remote...
Moderate | Unreviewed | CVE-2021-20035 was published May 24, 2022

Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local...
Moderate | Unreviewed | CVE-2021-34721 was published May 24, 2022

A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure ...
Moderate | Unreviewed | CVE-2021-1584 was published May 24, 2022

Dell EMC PowerScale OneFS versions 8.2.x - 9.2.1.x contain an OS command injection vulnerability....
Moderate | Unreviewed | CVE-2021-21599 was published May 24, 2022

There is a command injection vulnerability in the HG8045Q product. When the command-line...
Moderate | Unreviewed | CVE-2021-37028 was published May 24, 2022

CODESYS V2 runtime system SP before 2.4.7.55 has Improper Neutralization of Special Elements used...
Moderate | Unreviewed | CVE-2021-30187 was published May 24, 2022

A command injection vulnerability has been reported to affect certain versions of Malware Remover...
Moderate | Unreviewed | CVE-2020-36198 was published May 24, 2022

A remote authenticated SQL Injection vulnerability was discovered in Aruba ClearPass Policy...
Moderate | Unreviewed | CVE-2021-26685 was published May 24, 2022

Philips Interventional Workspot (Release 1.3.2, 1.4.0, 1.4.1, 1.4.3, 1.4.5), Coronary Tools...
Moderate | Unreviewed | CVE-2020-27298 was published May 24, 2022

A command injection vulnerability in install package validation subsystem of Juniper Networks...
Moderate | Unreviewed | CVE-2021-0219 was published May 24, 2022

Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker with an administrative...
Moderate | Unreviewed | CVE-2020-5636 was published May 24, 2022

It was found that cifs-utils' mount.cifs was invoking a shell when requesting the Samba password,...
Moderate | Unreviewed | CVE-2020-14342 was published May 24, 2022

FusionCompute 8.0.0 has a command injection vulnerability. The software does not sufficiently...
Moderate | Unreviewed | CVE-2020-9242 was published May 24, 2022

Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option,...
Moderate | Unreviewed | CVE-2020-17367 was published May 24, 2022

scp in OpenSSH through 8.3p1 allows command injection in scp.c remote function, as demonstrated...
Moderate | Unreviewed | CVE-2020-15778 was published May 24, 2022

D-Link DSL-7740C does not properly validate user input, which allows an authenticated LAN user to...
Moderate | Unreviewed | CVE-2020-12774 was published May 24, 2022

** UNSUPPORTED WHEN ASSIGNED ** D-Link DIR-610 devices allow Remote Command Execution via the cmd...
Moderate | Unreviewed | CVE-2020-9377 was published May 24, 2022

OCS Inventory NG 2.7 allows Remote Command Execution via shell metacharacters to require...
Moderate | Unreviewed | CVE-2020-14947 was published May 24, 2022

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This...
Moderate | Unreviewed | CVE-2020-14442 was published May 24, 2022

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This...
Moderate | Unreviewed | CVE-2020-14437 was published May 24, 2022

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This...
Moderate | Unreviewed | CVE-2020-14439 was published May 24, 2022

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This...
Moderate | Unreviewed | CVE-2020-14440 was published May 24, 2022

Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This...
Moderate | Unreviewed | CVE-2020-14441 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API