Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,233
Erlang
31
GitHub Actions
20
Go
1,992
Maven
5,000+
npm
3,709
NuGet
661
pip
3,345
Pub
11
RubyGems
884
Rust
846
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

928 advisories

Loading
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability... High Unreviewed
CVE-2024-45505 was published Nov 18, 2024
Sercomm Router Etisalat Model S3- AC2100 is affected by Incorrect Access Control via the... High Unreviewed
CVE-2021-27702 was published Nov 13, 2024
Tenda G3 v3.0 v15.11.0.20 was discovered to contain a command injection vulnerability via the... High Unreviewed
CVE-2024-50853 was published Nov 13, 2024
Tenda G3 v3.0 v15.11.0.20 was discovered to contain a command injection vulnerability via the... High Unreviewed
CVE-2024-50852 was published Nov 13, 2024
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All... High Unreviewed
CVE-2024-50572 was published Nov 12, 2024
An issue in DLink DWR 2000M 5G CPE With Wifi 6 Ax1800 and Dlink DWR 5G CPE DWR-2000M_1.34ME... High Unreviewed
CVE-2024-28726 was published Nov 13, 2024
Azure Database for PostgreSQL Flexible Server Extension Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-49042 was published Nov 12, 2024
Azure Database for PostgreSQL Flexible Server Extension Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-43613 was published Nov 12, 2024
D-Link DIR-820L 1.05b03 was discovered to contain a remote code execution (RCE) vulnerability via... High Unreviewed
CVE-2024-51186 was published Nov 11, 2024
Microsoft Excel Remote Code Execution Vulnerability High Unreviewed
CVE-2024-49026 was published Nov 12, 2024
Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) an... High Unreviewed
CVE-2024-49557 was published Nov 12, 2024
Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) a... High Unreviewed
CVE-2024-49560 was published Nov 12, 2024
Netgear EX3700 ' AC750 WiFi Range Extender Essentials Edition before 1.0.0.98 contains an... High Unreviewed
CVE-2024-35522 was published Oct 12, 2024
Netgear XR1000 v1.0.0.64 is vulnerable to command injection in usb_remote_smb_conf.cgi via the... High Unreviewed
CVE-2024-35517 was published Oct 12, 2024
An attacker with local access the to medical office computer can escalate his Windows user... High Unreviewed
CVE-2024-50591 was published Nov 8, 2024
GoSecure on behalf of Genetec Inc. has found a flaw that allows for a remote code execution... High Unreviewed
CVE-2023-21413 was published Oct 16, 2023
An authenticated command injection vulnerability exists in the Instant AOS-8 and AOS-10 command... High Unreviewed
CVE-2024-47461 was published Nov 6, 2024
A potential vulnerability was discovered in certain Poly video conferencing devices. The firmware... High Unreviewed
CVE-2024-9579 was published Nov 5, 2024
Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were... High Unreviewed
CVE-2024-52022 was published Nov 5, 2024
KERUI HD 3MP 1080P Tuya Camera 1.0.4 has a command injection vulnerability in the module that... High Unreviewed
CVE-2024-48214 was published Oct 30, 2024
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and... High Unreviewed
CVE-2024-51254 was published Oct 31, 2024
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and... High Unreviewed
CVE-2024-51304 was published Oct 30, 2024
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and... High Unreviewed
CVE-2024-51300 was published Oct 30, 2024
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and... High Unreviewed
CVE-2024-51296 was published Oct 30, 2024
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and... High Unreviewed
CVE-2024-51258 was published Oct 30, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database