Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,232
Erlang
31
GitHub Actions
20
Go
1,991
Maven
5,000+
npm
3,709
NuGet
661
pip
3,344
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,073 advisories

Loading
In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the Dashboard Examples Hub in the... High Unreviewed
CVE-2024-29946 was published Mar 27, 2024
A command injection vulnerability could allow an authenticated user to execute operating system... High Unreviewed
CVE-2022-4002 was published Jul 31, 2024
A command injection vulnerability exists in /goform/exeCommand in Tenda AC18 v15.03.05.05, which... High Unreviewed
CVE-2024-30891 was published Apr 5, 2024
Stormshield Network Security (SNS) before 4.2.2 allows a read-only administrator to gain... High Unreviewed
CVE-2021-28962 was published Feb 1, 2022
A command injection issue in Palo Alto Networks Cortex XSOAR CommonScripts Pack allows an... High Unreviewed
CVE-2024-5914 was published Aug 14, 2024
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability... High Unreviewed
CVE-2024-21880 was published Aug 12, 2024
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability... High Unreviewed
CVE-2024-21879 was published Aug 12, 2024
DrayTek Vigor 3900 before v1.5.1.5_Beta, DrayTek Vigor 2960 before v1.5.1.5_Beta and DrayTek... High Unreviewed
CVE-2024-43027 was published Aug 21, 2024
DedeCMS V5.7.115 has a command execution vulnerability via file_manage_view.php?fmdo=newfile... High Unreviewed
CVE-2024-42636 was published Aug 23, 2024
D-Link DI_8004W 16.07.26A1 contains a command execution vulnerability in jhttpd msp_info_htm... High Unreviewed
CVE-2024-44381 was published Aug 23, 2024
D-Link DI_8004W 16.07.26A1 contains a command execution vulnerability in the jhttpd... High Unreviewed
CVE-2024-44382 was published Aug 23, 2024
Vinchin Backup and Recovery 7.2 and Earlier is vulnerable to Authenticated Remote Code Execution ... High Unreviewed
CVE-2024-25228 was published Mar 14, 2024
There is a command injection vulnerability in some Hikvision NVRs. This could allow an... High Unreviewed
CVE-2024-29949 was published Apr 2, 2024
Command Injection vulnerability discovered in 4ipnet EAP-767 device v3.42.00 within the web... High Unreviewed
CVE-2024-24301 was published Feb 15, 2024
An issue discovered in Telesquare TLR-2005Ksh 1.0.0 and 1.1.4 allows attackers to run arbitrary... High Unreviewed
CVE-2024-29269 was published Apr 10, 2024
There is a command injection vulnerability in the TRENDnet TEW-827DRU router with firmware... High Unreviewed
CVE-2024-28353 was published Mar 15, 2024
TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a remote code execution (RCE)... High Unreviewed
CVE-2024-31811 was published Apr 8, 2024
TYPO3 Install Tool vulnerable to Code Execution High
CVE-2024-22188 was published for typo3/cms-core (Composer) Feb 13, 2024
bnf
An issue in idocv v.14.1.3_20231228 allows a remote attacker to execute arbitrary code and obtain... High Unreviewed
CVE-2024-24377 was published Feb 16, 2024
Vulnerability in admin_ip.php in Seacms v13.1, when action=set, allows attackers to control IP... High Unreviewed
CVE-2024-44916 was published Aug 30, 2024
Commands can be injected over the network and executed without authentication. High Unreviewed
CVE-2024-7029 was published Aug 2, 2024
WAYOS FBM-291W v19.09.11 is vulnerable to Command Execution via msp_info_htm. High Unreviewed
CVE-2024-44383 was published Sep 4, 2024
A post-authentication remote command injection vulnerability in a CGI file in Western Digital My... High Unreviewed
CVE-2023-22816 was published Jul 1, 2023
Dell SmartFabric OS10 Software, version(s) 10.5.5.4 through 10.5.5.10 and 10.5.6.x , contain(s)... High Unreviewed
CVE-2024-38486 was published Sep 6, 2024
Command Injection in Cobbler High
CVE-2021-45082 was published for cobbler (pip) Feb 20, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database