GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,939
Maven
5,000+
npm
3,677
NuGet
643
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
770 advisories
Filter by severity
The wireless router WRTM326 from SECOM does not properly validate a specific parameter. An...
Critical
Unreviewed
CVE-2024-10119
was published
Oct 18, 2024
SECOM WRTR-304GN-304TW-UPSC does not properly filter user input in the specific functionality....
Critical
Unreviewed
CVE-2024-10118
was published
Oct 18, 2024
An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated...
Critical
Unreviewed
CVE-2024-9463
was published
Oct 9, 2024
An OS command injection vulnerability in Palo Alto Networks Expedition allows an authenticated...
Critical
Unreviewed
CVE-2024-9464
was published
Oct 9, 2024
Elsight – CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command...
Critical
Unreviewed
CVE-2024-45251
was published
Oct 6, 2024
Elsight – CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command...
Critical
Unreviewed
CVE-2024-45252
was published
Oct 6, 2024
The postjournal service in Zimbra Collaboration (ZCS) before 8.8.15 Patch 46, 9 before 9.0.0...
Critical
Unreviewed
CVE-2024-45519
was published
Oct 3, 2024
The Linear eMerge e3-Series through version 1.00-07 is vulnerable to an OS command injection...
Critical
Unreviewed
CVE-2024-9441
was published
Oct 2, 2024
The device enables an unauthorized attacker to execute system commands with elevated privileges....
Critical
Unreviewed
CVE-2024-9166
was published
Sep 26, 2024
**UNSUPPORTED WHEN ASSIGNED** A command injection vulnerability in the export-cgi program of...
Critical
Unreviewed
CVE-2024-6342
was published
Sep 10, 2024
Improper Input Validation vulnerability in Progress LoadMaster allows OS Command Injection.This...
Critical
Unreviewed
CVE-2024-7591
was published
Sep 5, 2024
The improper neutralization of special elements in the parameter "host" in the CGI program of...
Critical
Unreviewed
CVE-2024-7261
was published
Sep 3, 2024
Command injection vulnerability in Asus RT-N15U 3.0.0.4.376_3754 allows a remote attacker to...
Critical
Unreviewed
CVE-2024-42757
was published
Aug 15, 2024
Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows...
Critical
Unreviewed
CVE-2024-23789
was published
Aug 14, 2024
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')...
Critical
Unreviewed
CVE-2024-6917
was published
Aug 12, 2024
The function "generate_app_certificates" in lib/app_certificates.js of FIWARE Keyrock <= 8.4 does...
Critical
Unreviewed
CVE-2024-42166
was published
Aug 12, 2024
The function "generate_app_certificates" in controllers/saml2/saml2.js of FIWARE Keyrock <= 8.4...
Critical
Unreviewed
CVE-2024-42167
was published
Aug 12, 2024
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability...
Critical
Unreviewed
CVE-2024-21878
was published
Aug 12, 2024
GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000...
Critical
Unreviewed
CVE-2024-39228
was published
Aug 6, 2024
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly...
Critical
Unreviewed
CVE-2024-38887
was published
Aug 2, 2024
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly...
Critical
Unreviewed
CVE-2024-38889
was published
Aug 2, 2024
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly...
Critical
Unreviewed
CVE-2024-38882
was published
Aug 2, 2024
The web services of Softnext's products, Mail SQR Expert and Mail Archiving Expert do not...
Critical
Unreviewed
CVE-2024-5670
was published
Jul 29, 2024
Tenda FH1201 v1.2.0.14 was discovered to contain a command injection vulnerability via the...
Critical
Unreviewed
CVE-2024-41468
was published
Jul 26, 2024
FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. allow a...
Critical
Unreviewed
CVE-2024-36491
was published
Jul 17, 2024
ProTip!
Advisories are also available from the
GraphQL API