GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,083
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,644
NuGet
638
pip
3,260
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
781 advisories
Filter by severity
Command injection vulnerabilities in the underlying CLI service could lead to unauthenticated...
Critical
Unreviewed
CVE-2024-42505
was published
Sep 25, 2024
Command injection vulnerabilities in the underlying CLI service could lead to unauthenticated...
Critical
Unreviewed
CVE-2024-42506
was published
Sep 25, 2024
Command injection vulnerabilities in the underlying CLI service could lead to unauthenticated...
Critical
Unreviewed
CVE-2024-42507
was published
Sep 25, 2024
A specially crafted POST request to the ProGauge MAGLINK LX CONSOLE
UTILITY sub-menu can allow a...
Critical
Unreviewed
CVE-2024-43693
was published
Sep 25, 2024
A specially crafted POST request to the ProGauge MAGLINK LX CONSOLE IP
sub-menu can allow a...
Critical
Unreviewed
CVE-2024-45066
was published
Sep 25, 2024
A condition exists in FlashArray and FlashBlade Purity whereby a malicious user could execute...
Critical
Unreviewed
CVE-2024-0005
was published
Sep 23, 2024
CVE-2024-45824 IMPACT
A remote
code vulnerability exists in the affected products. The...
Critical
Unreviewed
CVE-2024-45824
was published
Sep 12, 2024
COMFAST CF-XR11 V2.7.2 has a command injection vulnerability in function sub_424CB4. Attackers...
Critical
Unreviewed
CVE-2024-44466
was published
Sep 11, 2024
D-Link DI-8300 v16.07.26A1 is vulnerable to command injection via the upgrade_filter_asp function.
Critical
Unreviewed
CVE-2024-44410
was published
Sep 9, 2024
D-Link DI-8100G 17.12.20A1 is vulnerable to Command Injection via sub47A60C function in the...
Critical
Unreviewed
CVE-2024-44401
was published
Sep 6, 2024
D-Link DI-8100G 17.12.20A1 is vulnerable to Command Injection via msp_info.htm.
Critical
Unreviewed
CVE-2024-44402
was published
Sep 6, 2024
Beijing Digital China Cloud Technology Co., Ltd. DCME-320 v.7.4.12.60 has a command execution...
Critical
Unreviewed
CVE-2024-42905
was published
Aug 28, 2024
Improper Input Validation vulnerability in Hillstone Networks Hillstone Networks Web Application...
Critical
Unreviewed
CVE-2024-8073
was published
Aug 26, 2024
An issue in the handler function in /goform/telnet of Tenda FH1201 v1.2.0.14 (408) allows...
Critical
Unreviewed
CVE-2024-42947
was published
Aug 15, 2024
Multiple OS command injection vulnerabilities affecting Vonets
industrial wifi bridge relays...
Critical
Unreviewed
CVE-2024-37023
was published
Aug 12, 2024
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability...
Critical
Unreviewed
CVE-2024-21878
was published
Aug 12, 2024
An issue in Koha ILS 23.05 and before allows a remote attacker to execute arbitrary code via a...
Critical
Unreviewed
CVE-2024-28739
was published
Aug 6, 2024
Improper filering of special characters result in a command ('command injection') vulnerability...
Critical
Unreviewed
CVE-2024-7397
was published
Aug 5, 2024
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability...
Critical
Unreviewed
CVE-2024-41319
was published
Jul 23, 2024
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability...
Critical
Unreviewed
CVE-2024-41318
was published
Jul 22, 2024
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability...
Critical
Unreviewed
CVE-2024-41316
was published
Jul 22, 2024
This vulnerability allows an unauthenticated attacker to achieve remote command execution on the...
Critical
Unreviewed
CVE-2024-38492
was published
Jul 15, 2024
Sourcecodester Poultry Farm Management System v1.0 contains an Unauthenticated Remote Code...
Critical
Unreviewed
CVE-2024-40110
was published
Jul 12, 2024
An issue was discovered in SeaCMS <=12.9 which allows remote attackers to execute arbitrary code...
Critical
Unreviewed
CVE-2024-39028
was published
Jul 5, 2024
TELSAT marKoni FM Transmitters are vulnerable to a command injection vulnerability through the...
Critical
Unreviewed
CVE-2024-39373
was published
Jun 27, 2024
ProTip!
Advisories are also available from the
GraphQL API