GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,215
Composer 4,344
Erlang 31
GitHub Actions 22
Go 2,112
Maven 5,287
npm 3,767
NuGet 680
pip 3,453
Pub 12
RubyGems 892
Rust 888
Swift 38

Unreviewed advisories

All unreviewed 243,561

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,854 advisories

Filter by severity

Sort by

Least recently updated

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'),... High Unreviewed

CVE-2024-9054 was published Oct 4, 2024

TP-LINK TL-WDR5620 v2.3 was discovered to contain a remote code execution (RCE) vulnerability via... High Unreviewed

CVE-2024-46486 was published Oct 4, 2024

Syrotech SY-GOPON-8OLT-L3 v1.6.0_240629 was discovered to contain an authenticated command... High Unreviewed

CVE-2024-46658 was published Oct 3, 2024

An issue in Plasmoapp RPShare Fabric mod v.1.0.0 allows a remote attacker to execute arbitrary... High Unreviewed

CVE-2024-33368 was published Sep 27, 2024

Tenda G3 Router firmware v15.03.05.05 was discovered to contain a remote code execution (RCE)... High Unreviewed

CVE-2024-46628 was published Sep 26, 2024

VONETS VAP11G-300 v3.3.23.6.9 was discovered to contain a command injection vulnerability via the... High Unreviewed

CVE-2024-46329 was published Sep 26, 2024

VONETS VAP11G-300 v3.3.23.6.9 was discovered to contain a command injection vulnerability via the... High Unreviewed

CVE-2024-46330 was published Sep 26, 2024

Gigastone TR1 Travel Router R101 v1.0.2 is vulnerable to Command Injection. This allows an... High Unreviewed

CVE-2024-44678 was published Sep 25, 2024

OS command injection vulnerability in multiple digital video recorders provided by TAKENAKA... High Unreviewed

CVE-2024-43778 was published Sep 18, 2024

PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an OS command injection issue.... High Unreviewed

CVE-2024-8957 was published Sep 17, 2024

Authenticated command execution vulnerability exist in the ArubaOS command line interface (CLI).... High Unreviewed

CVE-2024-42503 was published Sep 17, 2024

Authenticated command injection vulnerability exists in the ArubaOS command line interface.... High Unreviewed

CVE-2024-42502 was published Sep 17, 2024

There is a command injection vulnerability that may allow an attacker to inject malicious input... High Unreviewed

CVE-2024-45682 was published Sep 17, 2024

Certain models of D-Link wireless routers do not properly validate user input in the telnet... High Unreviewed

CVE-2024-45698 was published Sep 16, 2024

A privilege escalation vulnerability was discovered in XCC that could allow a valid,... High Unreviewed

CVE-2024-8279 was published Sep 13, 2024

An input validation weakness was discovered in XCC that could allow a valid, authenticated XCC... High Unreviewed

CVE-2024-8280 was published Sep 13, 2024

An input validation weakness was discovered in XCC that could allow a valid, authenticated XCC... High Unreviewed

CVE-2024-8281 was published Sep 13, 2024

A privilege escalation vulnerability was discovered in XCC that could allow a valid,... High Unreviewed

CVE-2024-8278 was published Sep 13, 2024

Multiple vulnerabilities in Cisco Routed PON Controller Software, which runs as a docker... High Unreviewed

CVE-2024-20483 was published Sep 11, 2024

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker... High Unreviewed

CVE-2024-20398 was published Sep 11, 2024

A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated... High Unreviewed

CVE-2024-8686 was published Sep 11, 2024

An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518... High Unreviewed

CVE-2024-8190 was published Sep 10, 2024

An attacker with authenticated access to VICIdial as an "agent" can execute arbitrary shell... High Unreviewed

CVE-2024-8504 was published Sep 10, 2024

A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due... High Unreviewed

CVE-2024-43386 was published Sep 10, 2024

An low privileged remote attacker can execute OS commands with root privileges due to improper... High Unreviewed

CVE-2024-7699 was published Sep 10, 2024

Previous 1 2 3 4 5 6 7 8 … 74 75 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,854 advisories