GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,006
Composer 4,299
Erlang 31
GitHub Actions 21
Go 2,065
Maven 5,241
npm 3,744
NuGet 668
pip 3,425
Pub 12
RubyGems 892
Rust 877
Swift 36

Unreviewed advisories

All unreviewed 240,043

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

818 advisories

Filter by severity

Sort by

Least recently updated

D-Link DIR-845L router v1.01KRb03 and before is vulnerable to Command injection via the hnap_main... Critical Unreviewed

CVE-2024-33112 was published May 6, 2024

Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability via the ipurl... Critical Unreviewed

CVE-2024-33789 was published May 3, 2024

D-Link DIR-822+ V1.0.5 was found to contain a command injection in ftext function of... Critical Unreviewed

CVE-2024-33344 was published Apr 26, 2024

An OS command injection vulnerability has been reported to affect several QNAP operating system... Critical Unreviewed

CVE-2024-32766 was published Apr 26, 2024

A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS... Critical Unreviewed

CVE-2024-3400 was published Apr 12, 2024

Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability... Critical Unreviewed

CVE-2024-27972 was published Apr 3, 2024

A command injection vulnerability in Ivanti Sentry prior to 9.19.0 allows unauthenticated threat... Critical Unreviewed

CVE-2023-41724 was published Mar 31, 2024

Tenda AC18 V15.03.05.05 contains a command injection vulnerablility in the deviceName parameter... Critical Unreviewed

CVE-2024-28545 was published Mar 26, 2024

DIR-845L router <= v1.01KRb03 has an Unauthenticated remote code execution vulnerability in the... Critical Unreviewed

CVE-2024-29385 was published Mar 22, 2024

Distrobox before 1.7.0.1 allows attackers to execute arbitrary code via command injection into... Critical Unreviewed

CVE-2024-29864 was published Mar 21, 2024

There is a command injection vulnerability in the TRENDnet TEW-827DRU router with firmware... Critical Unreviewed

CVE-2024-28354 was published Mar 15, 2024

SAP NetWeaver Administrator AS Java (Administrator Log Viewer plug-in) - version 7.50, allows an... Critical Unreviewed

CVE-2024-22127 was published Mar 12, 2024

In Indo-Sol PROFINET-INspektor NT through 2.4.0, a command injection vulnerability in the... Critical Unreviewed

CVE-2023-49959 was published Feb 26, 2024

Netis WF2780 v2.1.40144 was discovered to contain a command injection vulnerability via the... Critical Unreviewed

CVE-2024-25850 was published Feb 22, 2024

Command Injection vulnerability in D-Link Dir 816 with firmware version DIR-816_A2_v1.10CNB04... Critical Unreviewed

CVE-2023-24331 was published Feb 21, 2024

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an... Critical Unreviewed

CVE-2024-1355 was published Feb 13, 2024

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an... Critical Unreviewed

CVE-2024-1359 was published Feb 13, 2024

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an... Critical Unreviewed

CVE-2024-1369 was published Feb 13, 2024

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an... Critical Unreviewed

CVE-2024-1372 was published Feb 13, 2024

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an... Critical Unreviewed

CVE-2024-1374 was published Feb 13, 2024

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an... Critical Unreviewed

CVE-2024-1378 was published Feb 13, 2024

In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with... Critical Unreviewed

CVE-2023-46687 was published Feb 9, 2024

An issue in Dlink DIR-816A2 v.1.10CNB05 allows a remote attacker to execute arbitrary code via... Critical Unreviewed

CVE-2024-24321 was published Feb 8, 2024

Zentao v18.0 to v18.10 was discovered to contain a remote code execution (RCE) vulnerability via... Critical Unreviewed

CVE-2024-24216 was published Feb 8, 2024

An issue in symphony v.3.6.3 and before allows a remote attacker to execute arbitrary code via... Critical Unreviewed

CVE-2024-23049 was published Feb 6, 2024

Previous 1 2 3 4 5 6 … 32 33 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

818 advisories