Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,170
Erlang
30
GitHub Actions
19
Go
1,981
Maven
5,000+
npm
3,700
NuGet
656
pip
3,319
Pub
11
RubyGems
882
Rust
834
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

912 advisories

Loading
DrayTek Vigor3900 v1.5.1.6 was discovered to contain an authenticated command injection... High Unreviewed
CVE-2024-44844 was published Sep 6, 2024
An OS command injection vulnerability has been reported to affect several QNAP operating system... High Unreviewed
CVE-2024-38641 was published Sep 6, 2024
An OS command injection vulnerability has been reported to affect Video Station. If exploited,... High Unreviewed
CVE-2023-47563 was published Sep 6, 2024
Dell SmartFabric OS10 Software, version(s) 10.5.5.4 through 10.5.5.10 and 10.5.6.x , contain(s)... High Unreviewed
CVE-2024-38486 was published Sep 6, 2024
WAYOS FBM-291W v19.09.11 is vulnerable to Command Execution via msp_info_htm. High Unreviewed
CVE-2024-44383 was published Sep 4, 2024
D-Link DI-8400 16.07.26A1 is vulnerable to Command Injection via upgrade_filter_asp. High Unreviewed
CVE-2024-44400 was published Sep 4, 2024
Vulnerability in admin_ip.php in Seacms v13.1, when action=set, allows attackers to control IP... High Unreviewed
CVE-2024-44916 was published Aug 30, 2024
D-Link DI_8004W 16.07.26A1 contains a command execution vulnerability in jhttpd msp_info_htm... High Unreviewed
CVE-2024-44381 was published Aug 23, 2024
D-Link DI_8004W 16.07.26A1 contains a command execution vulnerability in the jhttpd... High Unreviewed
CVE-2024-44382 was published Aug 23, 2024
DedeCMS V5.7.115 has a command execution vulnerability via file_manage_view.php?fmdo=newfile... High Unreviewed
CVE-2024-42636 was published Aug 23, 2024
DrayTek Vigor 3900 before v1.5.1.5_Beta, DrayTek Vigor 2960 before v1.5.1.5_Beta and DrayTek... High Unreviewed
CVE-2024-43027 was published Aug 21, 2024
A command injection issue in Palo Alto Networks Cortex XSOAR CommonScripts Pack allows an... High Unreviewed
CVE-2024-5914 was published Aug 14, 2024
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability... High Unreviewed
CVE-2024-21879 was published Aug 12, 2024
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability... High Unreviewed
CVE-2024-21880 was published Aug 12, 2024
Firmware in KAON AR2140 routers prior to version 4.2.16 is vulnerable to a shell command... High Unreviewed
CVE-2024-3659 was published Aug 8, 2024
Commands can be injected over the network and executed without authentication. High Unreviewed
CVE-2024-7029 was published Aug 2, 2024
A command injection vulnerability could allow an authenticated user to execute operating system... High Unreviewed
CVE-2022-4002 was published Jul 31, 2024
A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. It has been classified as... High Unreviewed
CVE-2024-7177 was published Jul 29, 2024
A vulnerability, which was classified as critical, was found in TOTOLINK A3600R 4.1.2cu... High Unreviewed
CVE-2024-7174 was published Jul 29, 2024
A vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN gateway's Command Line... High Unreviewed
CVE-2024-41134 was published Jul 24, 2024
A vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN gateway's Command Line... High Unreviewed
CVE-2024-41135 was published Jul 24, 2024
A vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN gateway's Command Line... High Unreviewed
CVE-2024-41133 was published Jul 24, 2024
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability... High Unreviewed
CVE-2024-41320 was published Jul 22, 2024
AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX9 V22.03.01.46 and AX3000 Dual-Band Gigabit Wi-Fi 6... High Unreviewed
CVE-2024-39963 was published Jul 19, 2024
StoneFly Storage Concentrator (SC and SCVM) before 8.0.4.26 allows remote authenticated users to... High Unreviewed
CVE-2024-30213 was published Jul 13, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database