GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,081
Erlang
29
GitHub Actions
19
Go
1,909
Maven
5,000+
npm
3,642
NuGet
638
pip
3,258
Pub
10
RubyGems
869
Rust
820
Swift
35
Unreviewed advisories
All unreviewed
5,000+
3,104 advisories
Filter by severity
A vulnerability classified as critical was found in Ruijie RG-UAC 1.0. Affected by this...
Moderate
Unreviewed
CVE-2024-6184
was published
Jun 20, 2024
Openfind's MailGates and MailAudit fail to properly filter user input when analyzing email...
Critical
Unreviewed
CVE-2024-6048
was published
Jun 17, 2024
Certain EOL GeoVision devices fail to properly filter user input for the specific functionality....
Critical
Unreviewed
CVE-2024-6047
was published
Jun 17, 2024
SECOM WRTR-304GN-304TW-UPSC V02(unsupported-when-assigned) does not properly filter user input in...
Critical
Unreviewed
CVE-2024-6046
was published
Jun 17, 2024
The specific function parameter of ASUS Download Master does not properly filter user input. An...
High
Unreviewed
CVE-2024-31162
was published
Jun 14, 2024
Remote Command program allows an attacker to get Remote Code Execution. As for the affected...
Critical
Unreviewed
CVE-2024-27172
was published
Jun 14, 2024
A privilege escalation vulnerability was reported in Lenovo Service Bridge prior to version 5.0.2...
High
Unreviewed
CVE-2024-4696
was published
Jun 13, 2024
OS command injection vulnerability in WRC-X5400GS-B v1.0.10 and earlier, and WRC-X5400GSA-B v1.0...
Moderate
Unreviewed
CVE-2024-36103
was published
Jun 12, 2024
Command injection vulnerability in Comtrend router WLD71-T1_v2.0.201820, affecting the GRG-4280us...
High
Unreviewed
CVE-2024-5785
was published
Jun 10, 2024
OS Command injection in Ajax PHP files via HTTP Request, allows to execute system commands by...
Unknown
Unreviewed
CVE-2024-35306
was published
Jun 10, 2024
System command injection through Netflow function due to improper input validation, allowing...
Unknown
Unreviewed
CVE-2024-35304
was published
Jun 10, 2024
In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache...
Critical
Unreviewed
CVE-2024-4577
was published
Jun 9, 2024
AutoGPT, a component of significant-gravitas/autogpt, is vulnerable to an improper neutralization...
High
Unreviewed
CVE-2024-1881
was published
Jun 6, 2024
An OS command injection vulnerability exists in the MacOS Text-To-Speech class MacOSTTS of the...
High
Unreviewed
CVE-2024-1880
was published
Jun 6, 2024
A vulnerability in the parisneo/lollms-webui version 9.3 allows attackers to bypass intended...
Critical
Unreviewed
CVE-2024-2359
was published
Jun 6, 2024
A remote code execution vulnerability exists in mintplex-labs/anything-llm due to improper...
Critical
Unreviewed
CVE-2024-3104
was published
Jun 6, 2024
A10 Thunder ADC CsrRequestView Command Injection Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2024-30368
was published
Jun 6, 2024
SysAid - CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command...
Critical
Unreviewed
CVE-2024-36394
was published
Jun 6, 2024
Missing input validation and OS command integration of the input in the utnserver Pro, utnserver...
Unknown
Unreviewed
CVE-2024-5421
was published
Jun 4, 2024
** UNSUPPORTED WHEN ASSIGNED **
The command injection vulnerability in the “setCookie” parameter...
Critical
Unreviewed
CVE-2024-29973
was published
Jun 4, 2024
** UNSUPPORTED WHEN ASSIGNED **
The command injection vulnerability in the CGI program ...
Critical
Unreviewed
CVE-2024-29972
was published
Jun 4, 2024
Improper neutralization of special elements used in a command ('Command Injection') exists in...
Critical
Unreviewed
CVE-2024-32850
was published
May 31, 2024
A vulnerability was found in Huashi Private Cloud CDN Live Streaming Acceleration Server up to...
Moderate
Unreviewed
CVE-2024-5241
was published
May 23, 2024
Improper Neutralization of Special Elements used in an OS Command ('OS
Command Injection')...
Critical
Unreviewed
CVE-2023-3939
was published
May 21, 2024
ASUS routers supporting custom OpenVPN profiles are vulnerable to a code execution vulnerability....
High
Unreviewed
CVE-2024-0401
was published
May 20, 2024
ProTip!
Advisories are also available from the
GraphQL API