GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,344
Erlang: 31
GitHub Actions: 22
Go: 2,112
Maven: 5,000+
npm: 3,767
NuGet: 680
pip: 3,453
Pub: 12
RubyGems: 892
Rust: 888
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,854 advisories
calendar.php in vBulletin before 2.2.0 allows remote attackers to execute arbitrary commands via...
High | Unreviewed | CVE-2002-1660 was published Apr 30, 2022
Apache for Win32 before 1.3.24, and 2.0.x before 2.0.34-beta, allows remote attackers to execute...
High | Unreviewed | CVE-2002-0061 was published Apr 30, 2022
lpd daemon (in.lpd) in Solaris 8 and earlier allows remote attackers to execute arbitrary...
High | Unreviewed | CVE-2001-1583 was published Apr 30, 2022
Command execution via shell metachars in INN daemon (innd) 1.5 using "newgroup" and "rmgroup"...
High | Unreviewed | CVE-1999-0043 was published Apr 30, 2022
USU Oracle Optimization before 5.17.5 allows authenticated DataCollection users to achieve agent...
High | Unreviewed | CVE-2022-29937 was published Apr 30, 2022
Kerberos FTP client allows remote FTP sites to execute arbitrary code via a pipe (|) character in...
High | Unreviewed | CVE-2003-0041 was published Apr 29, 2022
In the "webupg" binary of D-Link DIR-825 G1, because of the lack of parameter verification,...
High | Unreviewed | CVE-2021-46441 was published Apr 28, 2022
In Bender/ebee Charge Controllers in multiple versions are prone to Command injection via Web...
High | Unreviewed | CVE-2021-34602 was published Apr 28, 2022
vsftpd 2.3.4 downloaded between 20110630 and 20110703 contains a backdoor which opens a shell on...
High | Unreviewed | CVE-2011-2523 was published Apr 22, 2022
Zoho ManageEngine ADSelfService Plus before 6122 allows an authenticated user to achieve remote...
High | Unreviewed | CVE-2022-28810 was published Apr 19, 2022
OS command injection vulnerability exists in CENTUM VP R4.01.00 to R4.03.00, CENTUM VP Small R4...
High | Unreviewed | CVE-2022-27188 was published Apr 16, 2022
A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated,...
High | Unreviewed | CVE-2022-20693 was published Apr 16, 2022
Multiple vulnerabilities in the Cisco IOx application hosting environment on multiple Cisco...
High | Unreviewed | CVE-2022-20718 was published Apr 16, 2022
In Citrix XenMobile Server through 10.12 RP9, there is an Authenticated Command Injection...
High | Unreviewed | CVE-2021-44520 was published Apr 14, 2022
A command injection vulnerability in the CGI program of Zyxel VMG3312-T20A firmware version 5.30...
High | Unreviewed | CVE-2022-26413 was published Apr 12, 2022
A command injection vulnerability in the protest binary allows an attacker with access to the...
High | Unreviewed | CVE-2022-1262 was published Apr 12, 2022
An authenticated user may be able to misuse parameters to inject arbitrary operating system...
High | Unreviewed | CVE-2022-0999 was published Apr 12, 2022
Dr Trust USA iCheck Connect BP Monitor BP Testing 118 1.2.1 is vulnerable to Plain text command...
High | Unreviewed | CVE-2020-27373 was published Apr 8, 2022
ASUS RT-AC86U’s LPD service has insufficient filtering for special characters in the user request...
High | Unreviewed | CVE-2022-25597 was published Apr 8, 2022
D-Link DIR-878 has inadequate filtering for special characters in the webpage input field. An...
High | Unreviewed | CVE-2022-26670 was published Apr 8, 2022
Multiple improper neutralization of special elements used in an OS command vulnerabilities (CWE...
High | Unreviewed | CVE-2021-24009 was published Apr 7, 2022
An improper input validation vulnerability in FortiClient for Linux 6.4.x before 6.4.3,...
High | Unreviewed | CVE-2021-22127 was published Apr 7, 2022
An improper neutralization of special elements used in an OS command vulnerability in the command...
High | Unreviewed | CVE-2021-26116 was published Apr 7, 2022
Hitron CHITA 7.2.2.0.3b6-CD devices contain a command injection vulnerability via the Device/DDNS...
High | Unreviewed | CVE-2022-25017 was published Apr 2, 2022
Netcommunity OG410X and OG810X series (Netcommunity OG410Xa, OG410Xi, OG810Xa, and OG810Xi...
High | Unreviewed | CVE-2022-22986 was published Apr 1, 2022
ProTip! Advisories are also available from the GraphQL API.