GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
799 advisories
Filter by severity
A command injection vulnerability has been reported to affect QNAP device, VioStor. If exploited,...
Critical
Unreviewed
CVE-2021-38685
was published
Nov 27, 2021
This issue was discovered when the ipTIME C200 IP Camera was synchronized with the ipTIME NAS. It...
Critical
Unreviewed
CVE-2020-7879
was published
Dec 1, 2021
# Vulnerability in `rand-quote` and `hitokoto` plugins **Description**: the `rand-quote` and ...
Critical
Unreviewed
CVE-2021-3727
was published
Dec 1, 2021
# Vulnerability in `title` function **Description**: the `title` function defined in `lib...
Critical
Unreviewed
CVE-2021-3726
was published
Dec 1, 2021
# Vulnerability in `pygmalion`, `pygmalion-virtualenv` and `refined` themes **Description**:...
Critical
Unreviewed
CVE-2021-3769
was published
Dec 1, 2021
A command execution vulnerability exists in the wifi_country_code_update functionality of the...
Critical
Unreviewed
CVE-2021-21954
was published
Dec 10, 2021
An OS command injection vulnerability exists in the Web Manager SslGenerateCertificate...
Critical
Unreviewed
CVE-2021-21888
was published
Dec 23, 2021
An OS command injection vulnerability exists in the Web Manager Diagnostics: Ping functionality...
Critical
Unreviewed
CVE-2021-21883
was published
Dec 23, 2021
An OS command injection vulnerability exists in the Web Manager SslGenerateCSR functionality of...
Critical
Unreviewed
CVE-2021-21884
was published
Dec 23, 2021
An OS command injection vulnerability exists in the Web Manager Wireless Network Scanner...
Critical
Unreviewed
CVE-2021-21881
was published
Dec 23, 2021
Specially-crafted HTTP requests can lead to arbitrary command execution in “GET” requests. An...
Critical
Unreviewed
CVE-2021-21877
was published
Dec 23, 2021
A specially-crafted HTTP request can lead to arbitrary command execution in DSA keypasswd...
Critical
Unreviewed
CVE-2021-21874
was published
Dec 23, 2021
Specially-crafted HTTP requests can lead to arbitrary command execution in PUT requests. An...
Critical
Unreviewed
CVE-2021-21876
was published
Dec 23, 2021
A specially-crafted HTTP request can lead to arbitrary command execution in EC keypasswd...
Critical
Unreviewed
CVE-2021-21875
was published
Dec 23, 2021
A specially-crafted HTTP request can lead to arbitrary command execution in RSA keypasswd...
Critical
Unreviewed
CVE-2021-21873
was published
Dec 23, 2021
An OS command injection vulnerability exists in the Web Manager Diagnostics: Traceroute...
Critical
Unreviewed
CVE-2021-21872
was published
Dec 23, 2021
mySCADA myPRO: Versions 8.20.0 and prior has a vulnerable debug interface which includes a ping...
Critical
Unreviewed
CVE-2021-44453
was published
Dec 24, 2021
mySCADA myPRO: Versions 8.20.0 and prior has a feature to send emails, which may allow an...
Critical
Unreviewed
CVE-2021-43981
was published
Dec 24, 2021
mySCADA myPRO: Versions 8.20.0 and prior has a feature where the firmware can be updated, which...
Critical
Unreviewed
CVE-2021-43984
was published
Dec 24, 2021
mySCADA myPRO: Versions 8.20.0 and prior has a feature where the password can be specified, which...
Critical
Unreviewed
CVE-2021-23198
was published
Dec 24, 2021
mySCADA myPRO: Versions 8.20.0 and prior has a feature where the API password can be specified,...
Critical
Unreviewed
CVE-2021-22657
was published
Dec 24, 2021
China Mobile An Lianbao WF-1 router v1.0.1 is affected by an OS command injection vulnerability...
Critical
Unreviewed
CVE-2021-33962
was published
Jan 15, 2022
An OS command injection vulnerability exists in the device network settings functionality of...
Critical
Unreviewed
CVE-2021-40408
was published
Jan 29, 2022
An OS command injection vulnerability exists in the device network settings functionality of...
Critical
Unreviewed
CVE-2021-40409
was published
Jan 29, 2022
An OS command injection vulnerability exists in the device network settings functionality of...
Critical
Unreviewed
CVE-2021-40407
was published
Jan 29, 2022
ProTip!
Advisories are also available from the
GraphQL API