Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,973 advisories

Loading
OS Command Injection in Laravel Framework High
CVE-2020-19316 was published for laravel/framework (Composer) Jan 6, 2022
An authenticated user can execute arbitrary command in Gerapy High
CVE-2021-32849 was published for gerapy (pip) Jan 6, 2022
In Lens prior to 5.3.4, custom helm chart configuration creates helm commands from string... High Unreviewed
CVE-2021-23154 was published Jan 11, 2022
OS command execution vulnerability in Jenkins Docker Commons Plugin High
CVE-2022-20617 was published for org.jenkins-ci.plugins:docker-commons (Maven) Jan 13, 2022
westonsteimel
The files_antivirus component before 1.0.0 for ownCloud allows OS Command Injection via the... High Unreviewed
CVE-2021-33827 was published Jan 16, 2022
IBM FileNet Content Manager 5.5.4, 5.5.6, and 5.5.7 could allow a remote authenticated attacker... High Unreviewed
CVE-2021-38965 was published Jan 18, 2022
A command Injection Vulnerability in McAfee Agent (MA) for Windows prior to 5.7.5 allows local... High Unreviewed
CVE-2021-31854 was published Jan 20, 2022
Dell EMC Unity, Dell EMC UnityVSA and Dell EMC Unity XT versions prior to 5.1.2.0.5.007 contain... High Unreviewed
CVE-2021-43589 was published Jan 25, 2022
The Path Sanity Check script of FreeCAD 0.19 is vulnerable to OS command injection, allowing an... High Unreviewed
CVE-2021-45845 was published Jan 26, 2022
Improper sanitization in the invocation of ODA File Converter from FreeCAD 0.19 allows an... High Unreviewed
CVE-2021-45844 was published Jan 26, 2022
Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain an authenticated remote code... High Unreviewed
CVE-2021-36296 was published Jan 27, 2022
Dell VNX2 OE for File versions 8.1.21.266 and earlier, contain an authenticated remote code... High Unreviewed
CVE-2021-36295 was published Jan 27, 2022
An OS command injection vulnerability exists in the device network settings functionality of... High Unreviewed
CVE-2021-40410 was published Jan 29, 2022
An OScommand injection vulnerability exists in the device network settings functionality of... High Unreviewed
CVE-2021-40412 was published Jan 29, 2022
An OS command injection vulnerability exists in the device network settings functionality of... High Unreviewed
CVE-2021-40411 was published Jan 29, 2022
Liferay Portal Server tested on 7.3.5 GA6, 7.2.0 GA1 is affected by OS Command Injection. An... High Unreviewed
CVE-2020-28885 was published Jan 29, 2022
Liferay Portal Server tested on 7.3.5 GA6, 7.2.0 GA1 is affected by OS Command Injection. An... High Unreviewed
CVE-2020-28884 was published Jan 29, 2022
A improper neutralization of special elements used in an os command ('os command injection') in... High Unreviewed
CVE-2021-41018 was published Feb 3, 2022
Improper neutralization of special elements used in an OS command ('OS Command Injection')... High Unreviewed
CVE-2021-43928 was published Feb 8, 2022
A improper neutralization of special elements used in an os command ('os command injection') in... High Unreviewed
CVE-2021-43073 was published Feb 8, 2022
Hidden functionality vulnerability in ELECOM LAN routers (WRH-300BK3 firmware v1.05 and earlier,... High Unreviewed
CVE-2022-21173 was published Feb 9, 2022
OS Command Injection in ansible High
CVE-2020-1734 was published for ansible (pip) Feb 9, 2022
OS Command Injection in systeminformation High
CVE-2020-7778 was published for systeminformation (npm) Feb 9, 2022
OS Command Injection and Command Injection in kill-port-process High
CVE-2019-15609 was published for kill-port-process (npm) Feb 10, 2022
OS Command Injection in Microweber High
CVE-2022-0557 was published for microweber/microweber (Composer) Feb 12, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database