GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,093
Composer 4,324
Erlang 31
GitHub Actions 21
Go 2,087
Maven 5,251
npm 3,751
NuGet 674
pip 3,437
Pub 12
RubyGems 892
Rust 881
Swift 37

Unreviewed advisories

All unreviewed 241,760

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

837 advisories

Filter by severity

Sort by

Least recently updated

A command injection vulnerability in Ivanti Sentry prior to 9.19.0 allows unauthenticated threat... Critical Unreviewed

CVE-2023-41724 was published Mar 31, 2024

Tenda AC18 V15.03.05.05 contains a command injection vulnerablility in the deviceName parameter... Critical Unreviewed

CVE-2024-28545 was published Mar 26, 2024

DIR-845L router <= v1.01KRb03 has an Unauthenticated remote code execution vulnerability in the... Critical Unreviewed

CVE-2024-29385 was published Mar 22, 2024

Distrobox before 1.7.0.1 allows attackers to execute arbitrary code via command injection into... Critical Unreviewed

CVE-2024-29864 was published Mar 21, 2024

There is a command injection vulnerability in the TRENDnet TEW-827DRU router with firmware... Critical Unreviewed

CVE-2024-28354 was published Mar 15, 2024

SAP NetWeaver Administrator AS Java (Administrator Log Viewer plug-in) - version 7.50, allows an... Critical Unreviewed

CVE-2024-22127 was published Mar 12, 2024

In Indo-Sol PROFINET-INspektor NT through 2.4.0, a command injection vulnerability in the... Critical Unreviewed

CVE-2023-49959 was published Feb 26, 2024

Netis WF2780 v2.1.40144 was discovered to contain a command injection vulnerability via the... Critical Unreviewed

CVE-2024-25850 was published Feb 22, 2024

Command Injection vulnerability in D-Link Dir 816 with firmware version DIR-816_A2_v1.10CNB04... Critical Unreviewed

CVE-2023-24331 was published Feb 21, 2024

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an... Critical Unreviewed

CVE-2024-1369 was published Feb 13, 2024

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an... Critical Unreviewed

CVE-2024-1355 was published Feb 13, 2024

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an... Critical Unreviewed

CVE-2024-1359 was published Feb 13, 2024

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an... Critical Unreviewed

CVE-2024-1372 was published Feb 13, 2024

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an... Critical Unreviewed

CVE-2024-1374 was published Feb 13, 2024

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an... Critical Unreviewed

CVE-2024-1378 was published Feb 13, 2024

In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with... Critical Unreviewed

CVE-2023-46687 was published Feb 9, 2024

An issue in Dlink DIR-816A2 v.1.10CNB05 allows a remote attacker to execute arbitrary code via... Critical Unreviewed

CVE-2024-24321 was published Feb 8, 2024

Zentao v18.0 to v18.10 was discovered to contain a remote code execution (RCE) vulnerability via... Critical Unreviewed

CVE-2024-24216 was published Feb 8, 2024

An issue in symphony v.3.6.3 and before allows a remote attacker to execute arbitrary code via... Critical Unreviewed

CVE-2024-23049 was published Feb 6, 2024

An OS command injection vulnerability has been reported to affect several QNAP operating system... Critical Unreviewed

CVE-2023-45025 was published Feb 2, 2024

In Notion Web Clipper 1.0.3(7), a .nib file is susceptible to the Dirty NIB attack. NIB files can... Critical Unreviewed

CVE-2024-23745 was published Jan 31, 2024

A command injection vulnerability exists in D-Link DAP-1650 devices when handling UPnP SUBSCRIBE... Critical Unreviewed

CVE-2024-23625 was published Jan 26, 2024

A command injection vulnerability exists in the gena.cgi module of D-Link DAP-1650 devices. An... Critical Unreviewed

CVE-2024-23624 was published Jan 26, 2024

A command injection vulnerability exists in the 'SaveStaticRouteIPv4Params' parameter of the... Critical Unreviewed

CVE-2024-23627 was published Jan 26, 2024

A command injection vulnerability exists in the 'SaveStaticRouteIPv6Params' parameter of the... Critical Unreviewed

CVE-2024-23628 was published Jan 26, 2024

Previous 1 2 3 4 5 6 7 … 33 34 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

837 advisories