Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

301 advisories

Loading
Dell NetWorker, versions 18.x and 19.x contain an Information disclosure vulnerability. A... Moderate Unreviewed
CVE-2021-21570 was published May 24, 2022
Dell NetWorker, versions 18.x and 19.x contain a Path traversal vulnerability. A NetWorker server... Moderate Unreviewed
CVE-2021-21569 was published May 24, 2022
Improper neutralization of special elements in the SMA100 management interface allows a remote... Moderate Unreviewed
CVE-2021-20035 was published May 24, 2022
Multiple vulnerabilities in the CLI of Cisco IOS XR Software could allow an authenticated, local... Moderate Unreviewed
CVE-2021-34721 was published May 24, 2022
A vulnerability in Cisco Nexus 9000 Series Fabric Switches in Application Centric Infrastructure ... Moderate Unreviewed
CVE-2021-1584 was published May 24, 2022
Dell EMC PowerScale OneFS versions 8.2.x - 9.2.1.x contain an OS command injection vulnerability.... Moderate Unreviewed
CVE-2021-21599 was published May 24, 2022
There is a command injection vulnerability in the HG8045Q product. When the command-line... Moderate Unreviewed
CVE-2021-37028 was published May 24, 2022
CODESYS V2 runtime system SP before 2.4.7.55 has Improper Neutralization of Special Elements used... Moderate Unreviewed
CVE-2021-30187 was published May 24, 2022
A command injection vulnerability has been reported to affect certain versions of Malware Remover... Moderate Unreviewed
CVE-2020-36198 was published May 24, 2022
A remote authenticated SQL Injection vulnerabilitiy was discovered in Aruba ClearPass Policy... Moderate Unreviewed
CVE-2021-26685 was published May 24, 2022
Philips Interventional Workspot (Release 1.3.2, 1.4.0, 1.4.1, 1.4.3, 1.4.5), Coronary Tools... Moderate Unreviewed
CVE-2020-27298 was published May 24, 2022
A command injection vulnerability in install package validation subsystem of Juniper Networks... Moderate Unreviewed
CVE-2021-0219 was published May 24, 2022
Aterm SA3500G firmware versions prior to Ver. 3.5.9 allows an attacker with an administrative... Moderate Unreviewed
CVE-2020-5636 was published May 24, 2022
It was found that cifs-utils' mount.cifs was invoking a shell when requesting the Samba password,... Moderate Unreviewed
CVE-2020-14342 was published May 24, 2022
FusionCompute 8.0.0 have a command injection vulnerability. The software does not sufficiently... Moderate Unreviewed
CVE-2020-9242 was published May 24, 2022
Firejail through 0.9.62 does not honor the -- end-of-options indicator after the --output option,... Moderate Unreviewed
CVE-2020-17367 was published May 24, 2022
scp in OpenSSH through 8.3p1 allows command injection in scp.c remote function, as demonstrated... Moderate Unreviewed
CVE-2020-15778 was published May 24, 2022
D-Link DSL-7740C does not properly validate user input, which allows an authenticated LAN user to... Moderate Unreviewed
CVE-2020-12774 was published May 24, 2022
** UNSUPPORTED WHEN ASSIGNED ** D-Link DIR-610 devices allow Remote Command Execution via the cmd... Moderate Unreviewed
CVE-2020-9377 was published May 24, 2022
OCS Inventory NG 2.7 allows Remote Command Execution via shell metacharacters to require... Moderate Unreviewed
CVE-2020-14947 was published May 24, 2022
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Moderate Unreviewed
CVE-2020-14442 was published May 24, 2022
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Moderate Unreviewed
CVE-2020-14437 was published May 24, 2022
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Moderate Unreviewed
CVE-2020-14439 was published May 24, 2022
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Moderate Unreviewed
CVE-2020-14440 was published May 24, 2022
Certain NETGEAR devices are affected by command injection by an unauthenticated attacker. This... Moderate Unreviewed
CVE-2020-14441 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API