GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,335
Composer 4,133
Erlang 29
GitHub Actions 19
Go 1,939
Maven 5,134
npm 3,677
NuGet 643
pip 3,295
Pub 11
RubyGems 877
Rust 830
Swift 35

Unreviewed advisories

All unreviewed 230,779

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

929 advisories

Filter by severity

Sort by

Least recently updated

Tenda FH1201 v1.2.0.14 was discovered to contain a command injection vulnerability via the... Critical Unreviewed

CVE-2024-41468 was published Jul 26, 2024

FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. allow a... Critical Unreviewed

CVE-2024-36491 was published Jul 17, 2024

An issue was found on the Ruijie EG-2000 series gateway. There is a newcli.php API interface... Critical Unreviewed

CVE-2019-16639 was published Jul 16, 2024

An high privileged remote attacker can enable telnet access that accepts hardcoded credentials. Critical Unreviewed

CVE-2024-28751 was published Jul 9, 2024

rejetto HFS vulnerable to OS Command Execution by remote authenticated users Critical

CVE-2024-39943 was published for hfs (npm) Jul 5, 2024

A command injection vulnerability exists in the mudler/localai version 2.14.0. The vulnerability... Critical Unreviewed

CVE-2024-5181 was published Jun 26, 2024

Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability... Critical Unreviewed

CVE-2024-37091 was published Jun 24, 2024

Openfind's MailGates and MailAudit fail to properly filter user input when analyzing email... Critical Unreviewed

CVE-2024-6048 was published Jun 17, 2024

Certain EOL GeoVision devices fail to properly filter user input for the specific functionality.... Critical Unreviewed

CVE-2024-6047 was published Jun 17, 2024

SECOM WRTR-304GN-304TW-UPSC V02(unsupported-when-assigned) does not properly filter user input in... Critical Unreviewed

CVE-2024-6046 was published Jun 17, 2024

Remote Command program allows an attacker to get Remote Code Execution. As for the affected... Critical Unreviewed

CVE-2024-27172 was published Jun 14, 2024

In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache... Critical Unreviewed

CVE-2024-4577 was published Jun 9, 2024

A vulnerability in the parisneo/lollms-webui version 9.3 allows attackers to bypass intended... Critical Unreviewed

CVE-2024-2359 was published Jun 6, 2024

A remote code execution vulnerability exists in mintplex-labs/anything-llm due to improper... Critical Unreviewed

CVE-2024-3104 was published Jun 6, 2024

SysAid - CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command... Critical Unreviewed

CVE-2024-36394 was published Jun 6, 2024

** UNSUPPORTED WHEN ASSIGNED ** The command injection vulnerability in the “setCookie” parameter... Critical Unreviewed

CVE-2024-29973 was published Jun 4, 2024

** UNSUPPORTED WHEN ASSIGNED ** The command injection vulnerability in the CGI program ... Critical Unreviewed

CVE-2024-29972 was published Jun 4, 2024

Improper neutralization of special elements used in a command ('Command Injection') exists in... Critical Unreviewed

CVE-2024-32850 was published May 31, 2024

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... Critical Unreviewed

CVE-2023-3939 was published May 21, 2024

Dreamweaver Desktop versions 21.3 and earlier are affected by an Improper Neutralization of... Critical Unreviewed

CVE-2024-30314 was published May 16, 2024

There is a command injection vulnerability in the underlying Central Communications service that... Critical Unreviewed

CVE-2024-31471 was published May 15, 2024

There are command injection vulnerabilities in the underlying Soft AP Daemon service that could... Critical Unreviewed

CVE-2024-31472 was published May 15, 2024

IBM Security Guardium 11.3, 11.4, 11.5, and 12.0 could allow a remote authenticated attacker to... Critical Unreviewed

CVE-2023-47709 was published May 14, 2024

tiagorlampert CHAOS vulnerable to arbitrary code execution Critical

CVE-2024-33434 was published for github.com/tiagorlampert/CHAOS (Go) May 7, 2024

LG Simple Editor readVideoInfo Command Injection Remote Code Execution Vulnerability. This... Critical Unreviewed

CVE-2023-40504 was published May 3, 2024

Previous 1 2 3 4 5 … 37 38 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

929 advisories