GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
937 advisories
Filter by severity
Improper neutralization of special elements used in a command ('Command Injection') vulnerability...
Critical
Unreviewed
CVE-2024-10443
was published
Nov 15, 2024
A vulnerability in the web-based management interface of Cisco Unified Industrial Wireless...
Critical
Unreviewed
CVE-2024-20418
was published
Nov 6, 2024
Command injection vulnerability in the underlying CLI service could lead to unauthenticated...
Critical
Unreviewed
CVE-2024-42509
was published
Nov 6, 2024
DCME-320 v7.4.12.90 was discovered to contain a command injection vulnerability.
Critical
Unreviewed
CVE-2024-51115
was published
Nov 6, 2024
Command injection vulnerability in the underlying CLI service could lead to unauthenticated...
Critical
Unreviewed
CVE-2024-47460
was published
Nov 6, 2024
An issue in Lens Visual integration with Power BI v.4.0.0.3 allows a remote attacker to execute...
Critical
Unreviewed
CVE-2024-48746
was published
Nov 6, 2024
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and...
Critical
Unreviewed
CVE-2024-51260
was published
Oct 31, 2024
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and...
Critical
Unreviewed
CVE-2024-51255
was published
Oct 31, 2024
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and...
Critical
Unreviewed
CVE-2024-51259
was published
Oct 31, 2024
A prompt injection vulnerability in the chatbox of Fusion Chat Chat AI Assistant Ask Me Anything...
Critical
Unreviewed
CVE-2024-48144
was published
Oct 24, 2024
A prompt injection vulnerability in the chatbox of Netangular Technologies ChatNet AI Version v1...
Critical
Unreviewed
CVE-2024-48145
was published
Oct 24, 2024
An command injection vulnerability in Trend Micro Cloud Edge could allow a remote attacker to...
Critical
Unreviewed
CVE-2024-48904
was published
Oct 22, 2024
A Command Injection vulnerability in Vilo 5 Mesh WiFi System <= 5.16.1.33 allows remote,...
Critical
Unreviewed
CVE-2024-40089
was published
Oct 21, 2024
A vulnerability in NuPoint Messenger (NPM) of Mitel MiCollab through 9.8.0.33 allows an...
Critical
Unreviewed
CVE-2024-35285
was published
Oct 21, 2024
An issue in DCME-320-L <=9.3.2.114 allows a remote attacker to execute arbitrary code via the...
Critical
Unreviewed
CVE-2024-48659
was published
Oct 21, 2024
The `add_llm` function in `llm_app.py` in infiniflow/ragflow version 0.11.0 contains a remote...
Critical
Unreviewed
CVE-2024-10131
was published
Oct 19, 2024
Grafana Command Injection And Local File Inclusion Via Sql Expressions
Critical
CVE-2024-9264
was published
for
github.com/grafana/grafana
(Go)
Oct 18, 2024
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and...
Critical
Unreviewed
CVE-2024-48153
was published
Oct 14, 2024
A vulnerability has been identified in Siemens SINEC Security Monitor (All versions < V4.9.0)....
Critical
Unreviewed
CVE-2024-47562
was published
Oct 8, 2024
A vulnerability in the REST API and web UI of Cisco Nexus Dashboard Fabric Controller (NDFC)...
Critical
Unreviewed
CVE-2024-20432
was published
Oct 2, 2024
A Command injection vulnerability in requestLetsEncryptSsl in NginxProxyManager 2.11.3 allows an...
Critical
Unreviewed
CVE-2024-46256
was published
Sep 27, 2024
A specially crafted POST request to the ProGauge MAGLINK LX CONSOLE IP
sub-menu can allow a...
Critical
Unreviewed
CVE-2024-45066
was published
Sep 25, 2024
A specially crafted POST request to the ProGauge MAGLINK LX CONSOLE
UTILITY sub-menu can allow a...
Critical
Unreviewed
CVE-2024-43693
was published
Sep 25, 2024
Command injection vulnerabilities in the underlying CLI service could lead to unauthenticated...
Critical
Unreviewed
CVE-2024-42507
was published
Sep 25, 2024
Command injection vulnerabilities in the underlying CLI service could lead to unauthenticated...
Critical
Unreviewed
CVE-2024-42505
was published
Sep 25, 2024
ProTip!
Advisories are also available from the
GraphQL API