GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,006
Composer 4,299
Erlang 31
GitHub Actions 21
Go 2,065
Maven 5,241
npm 3,744
NuGet 668
pip 3,425
Pub 12
RubyGems 892
Rust 877
Swift 36

Unreviewed advisories

All unreviewed 240,043

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

818 advisories

Filter by severity

Sort by

Least recently updated

Multiple OS command injection vulnerabilities affecting Vonets industrial wifi bridge relays... Critical Unreviewed

CVE-2024-37023 was published Aug 12, 2024

Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability... Critical Unreviewed

CVE-2024-21878 was published Aug 12, 2024

An issue in Koha ILS 23.05 and before allows a remote attacker to execute arbitrary code via a... Critical Unreviewed

CVE-2024-28739 was published Aug 6, 2024

GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000... Critical Unreviewed

CVE-2024-39226 was published Aug 6, 2024

Improper filering of special characters result in a command ('command injection') vulnerability... Critical Unreviewed

CVE-2024-7397 was published Aug 5, 2024

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability... Critical Unreviewed

CVE-2024-41319 was published Jul 23, 2024

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability... Critical Unreviewed

CVE-2024-41318 was published Jul 22, 2024

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability... Critical Unreviewed

CVE-2024-41316 was published Jul 22, 2024

This vulnerability allows an unauthenticated attacker to achieve remote command execution on the... Critical Unreviewed

CVE-2024-38492 was published Jul 15, 2024

Sourcecodester Poultry Farm Management System v1.0 contains an Unauthenticated Remote Code... Critical Unreviewed

CVE-2024-40110 was published Jul 12, 2024

An issue was discovered in SeaCMS <=12.9 which allows remote attackers to execute arbitrary code... Critical Unreviewed

CVE-2024-39028 was published Jul 5, 2024

TELSAT marKoni FM Transmitters are vulnerable to a command injection vulnerability through the... Critical Unreviewed

CVE-2024-39373 was published Jun 27, 2024

In WhatsUp Gold versions released before 2023.1.3, a Remote Code Execution issue exists in... Critical Unreviewed

CVE-2024-4883 was published Jun 25, 2024

In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Remote Code Execution... Critical Unreviewed

CVE-2024-4884 was published Jun 25, 2024

Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability... Critical Unreviewed

CVE-2024-37091 was published Jun 24, 2024

Actual Analyzer through 2014-08-29 allows code execution via shell metacharacters because... Critical Unreviewed

CVE-2014-5470 was published Jun 22, 2024

TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a command injection vulnerability... Critical Unreviewed

CVE-2024-37642 was published Jun 14, 2024

Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 on Windows allows command injection via... Critical Unreviewed

CVE-2024-37385 was published Jun 7, 2024

A vulnerability in the PyTorch's torch.distributed.rpc framework, specifically in versions prior... Critical Unreviewed

CVE-2024-5480 was published Jun 6, 2024

Tenda O3V2 v1.0.0.12(3880) was discovered to contain a Blind Command Injection via stpEn... Critical Unreviewed

CVE-2024-36604 was published Jun 4, 2024

Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability... Critical Unreviewed

CVE-2024-34792 was published Jun 4, 2024

TOTOLINK LR350 V9.3.5u.6369_B20220309 was discovered to contain a command injection via the... Critical Unreviewed

CVE-2024-36783 was published Jun 3, 2024

A remote code execution vulnerability exists in the parisneo/lollms-webui application,... Critical Unreviewed

CVE-2024-2366 was published May 16, 2024

TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain a command injection... Critical Unreviewed

CVE-2024-32353 was published May 14, 2024

TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection... Critical Unreviewed

CVE-2024-34204 was published May 14, 2024

Previous 1 2 3 4 5 … 32 33 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

818 advisories