Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,299
Erlang
31
GitHub Actions
21
Go
2,065
Maven
5,000+
npm
3,744
NuGet
668
pip
3,425
Pub
12
RubyGems
892
Rust
877
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,100 advisories

Loading
SaltStack Salt command injection via a crafted process name High
CVE-2020-28243 was published for salt (pip) May 24, 2022
DeepSpeed Remote Code Execution Vulnerability High
CVE-2024-43497 was published for deepspeed (pip) Oct 8, 2024
Arbitrary command execution on Windows via qutebrowserurl: URL handler High
CVE-2021-41146 was published for qutebrowser (pip) Oct 22, 2021
Netgear EX6120 v1.0.0.68, Netgear EX6100 v1.0.2.28, and Netgear EX3700 v1.0.0.96 are vulnerable... High Unreviewed
CVE-2024-35519 was published Oct 15, 2024
Netgear EX6120 v1.0.0.68 is vulnerable to Command Injection in genie_fix2.cgi via the... High Unreviewed
CVE-2024-35518 was published Oct 15, 2024
Arbitrary Code Execution in Rdoc High
CVE-2021-31799 was published for rdoc (RubyGems) Sep 1, 2021
An administrator is able to execute commands as root via the alerts management dialog High Unreviewed
CVE-2021-4406 was published Jul 10, 2023
A vulnerability was discovered in DI_8200-16.07.26A1, which has been classified as critical. This... High Unreviewed
CVE-2024-44413 was published Oct 11, 2024
Netgear R7000 1.0.11.136 is vulnerable to Command Injection in RMT_invite.cgi via device_name2... High Unreviewed
CVE-2024-35520 was published Oct 15, 2024
Furbo dog camera has insufficient filtering for special parameter of device log management... High Unreviewed
CVE-2023-28704 was published Jun 2, 2023
Pipenv's requirements.txt parsing allows malicious index url in comments High
CVE-2022-21668 was published for pipenv (pip) Jan 12, 2022
milo-minderbinder
An OS command injection vulnerability in the admin web console of Ivanti CSA before version 5.0.2... High Unreviewed
CVE-2024-9380 was published Oct 8, 2024
PAX Android based POS devices with PayDroid_8.1.0_Sagittarius_V11.1.50_20230614 or earlier can... High Unreviewed
CVE-2023-42136 was published Jan 15, 2024
In Progress Telerik Reporting versions prior to 2024 Q3 (2024.3.924), a command injection attack... High Unreviewed
CVE-2024-7840 was published Oct 9, 2024
Visual Studio Code for Linux Remote Code Execution Vulnerability High Unreviewed
CVE-2024-43601 was published Oct 8, 2024
Azure Command Line Integration (CLI) Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-43591 was published Oct 8, 2024
furlongm openvpn-monitor command injection High
CVE-2021-31605 was published for openvpn-monitor (pip) May 24, 2022
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability... High Unreviewed
CVE-2023-26320 was published Oct 11, 2023
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability... High Unreviewed
CVE-2023-26319 was published Oct 11, 2023
Scriptcase 9.10.023 and before is vulnerable to Remote Code Execution (RCE) via the nm_unzip... High Unreviewed
CVE-2024-46084 was published Oct 1, 2024
Wiz Code Visual Studio Code extension in versions 1.0.0 up to 1.5.3 and Wiz (legacy) Visual... High Unreviewed
CVE-2024-9145 was published Oct 1, 2024
There is a command injection vulnerability that may allow an attacker to inject malicious input... High Unreviewed
CVE-2024-45682 was published Sep 17, 2024
Dell SmartFabric OS10 Software, versions 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contains an... High Unreviewed
CVE-2024-39577 was published Sep 26, 2024
Command Injection in Nuitka High
CVE-2022-2054 was published for Nuitka (pip) Jun 13, 2022
In Progress Telerik UI for WPF versions prior to 2024 Q3 (2024.3.924), a command injection attack... High Unreviewed
CVE-2024-7575 was published Sep 25, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database