Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+

3,104 advisories

Loading
An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved... High Unreviewed
CVE-2024-39520 was published Jul 11, 2024
Insecure handling of POST header parameter body included in requests being sent to an instance of... High Unreviewed
CVE-2024-3799 was published Jul 10, 2024
A remote attacker with high privileges may use a reading file function to inject OS commands. High Unreviewed
CVE-2024-28748 was published Jul 9, 2024
A remote attacker with high privileges may use a writing file function to inject OS commands. High Unreviewed
CVE-2024-28749 was published Jul 9, 2024
An high privileged remote attacker can enable telnet access that accepts hardcoded credentials.  Critical Unreviewed
CVE-2024-28751 was published Jul 9, 2024
A remote attacker with high privileges may use a deleting file function to inject OS commands. High Unreviewed
CVE-2024-28750 was published Jul 9, 2024
D-Link DIR-823X firmware - 240126 was discovered to contain a remote command execution (RCE)... High Unreviewed
CVE-2024-39202 was published Jul 8, 2024
Three os command injection vulnerabilities exist in the boa formWsc functionality of Realtek... High Unreviewed
CVE-2023-50381 was published Jul 8, 2024
Three os command injection vulnerabilities exist in the boa formWsc functionality of Realtek... High Unreviewed
CVE-2023-50383 was published Jul 8, 2024
Three os command injection vulnerabilities exist in the boa formWsc functionality of Realtek... High Unreviewed
CVE-2023-50382 was published Jul 8, 2024
rejetto HFS vulnerable to OS Command Execution by remote authenticated users Critical
CVE-2024-39943 was published for hfs (npm) Jul 5, 2024
jc21 NGINX Proxy Manager before 2.11.3 allows backend/internal/certificate.js OS command... High Unreviewed
CVE-2024-39935 was published Jul 4, 2024
An os command injection vulnerability exists in the CWMP SelfDefinedTimeZone functionality of... High Unreviewed
CVE-2024-32937 was published Jul 3, 2024
A high privileged remote attacker can execute arbitrary system commands via GET requests due to... High Unreviewed
CVE-2024-5672 was published Jul 3, 2024
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker... Moderate Unreviewed
CVE-2024-20399 was published Jul 1, 2024
Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain an... High Unreviewed
CVE-2024-37140 was published Jun 26, 2024
A command injection vulnerability exists in the mudler/localai version 2.14.0. The vulnerability... Critical Unreviewed
CVE-2024-5181 was published Jun 26, 2024
Cross Site Scripting vulnerability in Hangzhou Meisoft Information Technology Co., Ltd. Finesoft... Moderate Unreviewed
CVE-2024-37678 was published Jun 24, 2024
The CRUDDIY project is vulnerable to shell command injection via sending a crafted POST request... High Unreviewed
CVE-2024-4748 was published Jun 24, 2024
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability... Critical Unreviewed
CVE-2024-37091 was published Jun 24, 2024
Remote Code Execution in create_conda_env function in lollms Moderate
CVE-2024-3121 was published for lollms (pip) Jun 24, 2024
A command injection issue in TOTOLINK A6000R V1.0.1-B20201211.2000 firmware allows a remote... High Unreviewed
CVE-2024-37626 was published Jun 20, 2024
A vulnerability, which was classified as critical, was found in Ruijie RG-UAC 1.0. This affects... Moderate Unreviewed
CVE-2024-6186 was published Jun 20, 2024
A vulnerability has been found in Ruijie RG-UAC 1.0 and classified as critical. This... Moderate Unreviewed
CVE-2024-6187 was published Jun 20, 2024
A vulnerability, which was classified as critical, has been found in Ruijie RG-UAC 1.0. Affected... Moderate Unreviewed
CVE-2024-6185 was published Jun 20, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database