Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+

955 advisories

Loading
D-Link DI-8100G 17.12.20A1 is vulnerable to Command Injection via sub47A60C function in the... Critical Unreviewed
CVE-2024-44401 was published Sep 6, 2024
tinyfiledialogs (aka tiny file dialogs) before 3.15.0 allows shell metacharacters (such as a... Critical Unreviewed
CVE-2023-47104 was published Oct 30, 2023
D-Link DI-8300 v16.07.26A1 is vulnerable to command injection via the upgrade_filter_asp function. Critical Unreviewed
CVE-2024-44410 was published Sep 9, 2024
Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were... Critical Unreviewed
CVE-2022-27003 was published Mar 17, 2022
Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were... Critical Unreviewed
CVE-2022-27004 was published Mar 17, 2022
CVE-2024-45824 IMPACT A remote code vulnerability exists in the affected products. The... Critical Unreviewed
CVE-2024-45824 was published Sep 12, 2024
TOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to an unauthorized arbitrary command... Critical Unreviewed
CVE-2023-51025 was published Dec 22, 2023
Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were... Critical Unreviewed
CVE-2022-27005 was published Mar 17, 2022
TOTOLINK EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command... Critical Unreviewed
CVE-2023-51014 was published Dec 22, 2023
Improper Input Validation vulnerability in Hillstone Networks Hillstone Networks Web Application... Critical Unreviewed
CVE-2024-8073 was published Aug 26, 2024
COMFAST CF-XR11 V2.7.2 has a command injection vulnerability in function sub_424CB4. Attackers... Critical Unreviewed
CVE-2024-44466 was published Sep 11, 2024
TELSAT marKoni FM Transmitters are vulnerable to a command injection vulnerability through the... Critical Unreviewed
CVE-2024-39373 was published Jun 27, 2024
Improper Input Validation vulnerability in ABB Ltd. ASPECT®-Enterprise on ASPECT®-Enterprise,... Critical Unreviewed
CVE-2023-0636 was published Jul 6, 2023
Donfig Command Injection in collect_yaml method Critical
CVE-2019-7537 was published for donfig (pip) May 14, 2022
A condition exists in FlashArray and FlashBlade Purity whereby a malicious user could execute... Critical Unreviewed
CVE-2024-0005 was published Sep 23, 2024
json-logic-js Command Injection vulnerability Critical
CVE-2021-4329 was published for json-logic-js (npm) Mar 5, 2023
A specially crafted POST request to the ProGauge MAGLINK LX CONSOLE UTILITY sub-menu can allow a... Critical Unreviewed
CVE-2024-43693 was published Sep 25, 2024
A specially crafted POST request to the ProGauge MAGLINK LX CONSOLE IP sub-menu can allow a... Critical Unreviewed
CVE-2024-45066 was published Sep 25, 2024
Command injection vulnerabilities in the underlying CLI service could lead to unauthenticated... Critical Unreviewed
CVE-2024-42506 was published Sep 25, 2024
Command injection vulnerabilities in the underlying CLI service could lead to unauthenticated... Critical Unreviewed
CVE-2024-42505 was published Sep 25, 2024
Command injection vulnerabilities in the underlying CLI service could lead to unauthenticated... Critical Unreviewed
CVE-2024-42507 was published Sep 25, 2024
SAP NetWeaver Administrator AS Java (Administrator Log Viewer plug-in) - version 7.50, allows an... Critical Unreviewed
CVE-2024-22127 was published Mar 12, 2024
Command injection in libvcs and vcspull Critical
CVE-2022-21187 was published for libvcs (pip) Mar 15, 2022
tony
Command injection and multiple stack-based buffer overflows vulnerabilities in the... Critical Unreviewed
CVE-2021-26731 was published Oct 24, 2022
Command injection in LocalStack Critical
CVE-2021-32090 was published for localstack (pip) Jun 18, 2021
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database