Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,529 advisories

Loading
D-Link device D-Link DIR-823-Pro v1.0.2 was discovered to contain a command injection... Critical Unreviewed
CVE-2021-46454 was published Feb 9, 2022
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection... Critical Unreviewed
CVE-2022-24170 was published Feb 9, 2022
D-Link device D-Link DIR-823-Pro v1.0.2 was discovered to contain a command injection... Critical Unreviewed
CVE-2021-46455 was published Feb 9, 2022
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection... Critical Unreviewed
CVE-2022-24168 was published Feb 9, 2022
D-Link device D-Link DIR-823-Pro v1.0.2 was discovered to contain a command injection... Critical Unreviewed
CVE-2021-46457 was published Feb 9, 2022
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection... Critical Unreviewed
CVE-2022-24167 was published Feb 9, 2022
Tenda routers G1 and G3 v15.11.0.17(9502)_CN were discovered to contain a command injection... Critical Unreviewed
CVE-2022-24171 was published Feb 9, 2022
A improper neutralization of special elements used in a command ('command injection') in Fortinet... High Unreviewed
CVE-2021-41016 was published Feb 8, 2022
Totolink devices A3100R v4.1.2cu.5050_B20200504, A830R v5.9c.4729_B20191112, and A720R v4.1.5cu... Critical Unreviewed
CVE-2021-44247 was published Feb 8, 2022
Tenda AX3 v16.03.12.10_CN was discovered to contain a command injection vulnerability in the... Critical Unreviewed
CVE-2022-24144 was published Feb 8, 2022
Tenda AX3 v16.03.12.10_CN was discovered to contain a command injection vulnerability in the... Critical Unreviewed
CVE-2022-24150 was published Feb 8, 2022
Tenda AX3 v16.03.12.10_CN was discovered to contain a command injection vulnerability in the... Critical Unreviewed
CVE-2022-24148 was published Feb 8, 2022
TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to contain a command injection... Critical Unreviewed
CVE-2021-45733 was published Feb 5, 2022
TOTOLINK A720R v4.1.5cu.470_B20200911 was discovered to contain a command injection vulnerability... Critical Unreviewed
CVE-2021-45742 was published Feb 5, 2022
TOTOLINK X5000R v9.1.0u.6118_B20201102 was discovered to contain a command injection... Critical Unreviewed
CVE-2021-45738 was published Feb 5, 2022
PrinterLogic Web Stack versions 19.1.1.13 SP9 and below do not sanitize user input resulting in... High Unreviewed
CVE-2021-42638 was published Feb 3, 2022
Stormshield Network Security (SNS) before 4.2.2 allows a read-only administrator to gain... High Unreviewed
CVE-2021-28962 was published Feb 1, 2022
A command injection remote code execution vulnerability was discovered on Western Digital My... Critical Unreviewed
CVE-2022-22992 was published Jan 29, 2022
The firmware on Moxa TN-5900 devices through 3.1 allows command injection that could lead to... Critical Unreviewed
CVE-2021-46560 was published Jan 27, 2022
lib/Image/ExifTool.pm in ExifTool before 12.38 mishandles a $file =~ /\|$/ check. Critical Unreviewed
CVE-2022-23935 was published Jan 26, 2022
Embedded web server command injection vulnerability in Lexmark devices through 2021-12-07. Critical Unreviewed
CVE-2021-44735 was published Jan 21, 2022
A command Injection Vulnerability in McAfee Agent (MA) for Windows prior to 5.7.5 allows local... High Unreviewed
CVE-2021-31854 was published Jan 20, 2022
China Mobile An Lianbao WF-1 V1.0.1 router provides a web interface /api/ZRRuleFilter... High Unreviewed
CVE-2021-33964 was published Jan 19, 2022
China Mobile An Lianbao WF-1 V1.0.1 router provides a web interface /api/ZRMesh/set_ZRMesh which... High Unreviewed
CVE-2021-33965 was published Jan 19, 2022
China Mobile An Lianbao WF-1 v1.0.1 router web interface through /api/ZRMacClone/mac_addr_clone... Critical Unreviewed
CVE-2021-33963 was published Jan 16, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database