GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,708 advisories
DrayTek Vigor3900 v1.5.1.6 was discovered to contain an authenticated command injection...
High
Unreviewed
CVE-2024-44845 was published Sep 6, 2024
DrayTek Vigor3900 v1.5.1.6 was discovered to contain an authenticated command injection...
High
Unreviewed
CVE-2024-44844 was published Sep 6, 2024
An OS command injection vulnerability has been reported to affect several QNAP operating system...
High
Unreviewed
CVE-2024-21898 was published Sep 6, 2024
An OS command injection vulnerability has been reported to affect legacy QTS. If exploited, the...
High
Unreviewed
CVE-2023-39300 was published Sep 6, 2024
An OS command injection vulnerability has been reported to affect several QNAP operating system...
High
Unreviewed
CVE-2023-34974 was published Sep 6, 2024
A command injection vulnerability in the IPSec VPN feature of Zyxel ATP series firmware versions...
High
Unreviewed
CVE-2024-42057 was published Sep 3, 2024
A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from...
High
Unreviewed
CVE-2024-42060 was published Sep 3, 2024
A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from...
High
Unreviewed
CVE-2024-7203 was published Sep 3, 2024
A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from...
High
Unreviewed
CVE-2024-42059 was published Sep 3, 2024
** UNSUPPORTED WHEN ASSIGNED ** A command injection vulnerability in the functions formSysCmd(),...
High
Unreviewed
CVE-2024-8234 was published Aug 30, 2024
D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution (RCE)...
High
Unreviewed
CVE-2024-44341 was published Aug 27, 2024
D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution (RCE)...
High
Unreviewed
CVE-2024-44340 was published Aug 27, 2024
D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution (RCE)...
High
Unreviewed
CVE-2024-41622 was published Aug 27, 2024
D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution (RCE)...
High
Unreviewed
CVE-2024-44342 was published Aug 27, 2024
Magnet Forensics AXIOM Command Injection Remote Code Execution Vulnerability. This vulnerability...
High
Unreviewed
CVE-2024-7448 was published Aug 21, 2024
SSH authenticated user when access the PAM server can execute an OS command to gain the full...
High
Unreviewed
CVE-2020-11847 was published Aug 21, 2024
A Command Injection vulnerability exists in the do_upgrade_post function of the httpd binary in...
High
Unreviewed
CVE-2024-42633 was published Aug 19, 2024
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an...
High
Unreviewed
CVE-2024-39402 was published Aug 14, 2024
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an...
High
Unreviewed
CVE-2024-39401 was published Aug 14, 2024
The specific CGI of the CAYIN Technology CMS does not properly validate user input, allowing a...
High
Unreviewed
CVE-2024-7728 was published Aug 14, 2024
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command...
High
Unreviewed
CVE-2024-42737 was published Aug 13, 2024
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command...
High
Unreviewed
CVE-2024-42739 was published Aug 13, 2024
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command...
High
Unreviewed
CVE-2024-42738 was published Aug 13, 2024
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command...
High
Unreviewed
CVE-2024-42736 was published Aug 13, 2024
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command...
High
Unreviewed
CVE-2024-42741 was published Aug 12, 2024
ProTip! Advisories are also available from the GraphQL API.