GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
1,020 advisories
Filter by severity
Dell ThinOS versions 2402 and 2405, contains an Improper Neutralization of Special Elements used...
High
Unreviewed
CVE-2024-42427
was published
Sep 10, 2024
An improper neutralization of special elements used in a command ('Command Injection')...
High
Unreviewed
CVE-2024-33508
was published
Sep 10, 2024
Microsoft SharePoint Server Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-38227
was published
Sep 10, 2024
Microsoft SharePoint Server Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-38228
was published
Sep 10, 2024
Command Injection vulnerability in goform/SetIPTVCfg interface of Tenda AC15 V15.03.05.20 allows...
High
Unreviewed
CVE-2023-36103
was published
Sep 10, 2024
DrayTek Vigor3900 v1.5.1.6 was discovered to contain an authenticated command injection...
High
Unreviewed
CVE-2024-44845
was published
Sep 6, 2024
DrayTek Vigor3900 v1.5.1.6 was discovered to contain an authenticated command injection...
High
Unreviewed
CVE-2024-44844
was published
Sep 6, 2024
Remote code execution (RCE) in Apache Airflow
High
CVE-2020-11978
was published
for
apache-airflow
(pip)
Jul 27, 2020
RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a command injection vulnerability via the...
High
Unreviewed
CVE-2024-44574
was published
Sep 11, 2024
RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a command injection vulnerability via the...
High
Unreviewed
CVE-2024-44577
was published
Sep 11, 2024
RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a command injection vulnerability via the...
High
Unreviewed
CVE-2024-44572
was published
Sep 11, 2024
RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a code injection vulnerability via the...
High
Unreviewed
CVE-2024-44570
was published
Sep 11, 2024
An issue has been discovered in GitLab EE affecting all versions starting from 16.11 prior to 17...
High
Unreviewed
CVE-2024-8640
was published
Sep 12, 2024
Tenda FH451 v1.0.0.9 has a command injection vulnerability in the formexeCommand function i
High
Unreviewed
CVE-2024-46048
was published
Sep 13, 2024
LoLLMS Command Injection vulnerability
High
CVE-2024-4078
was published
for
lollms
(pip)
May 16, 2024
An OS command injection vulnerability has been reported to affect several QNAP operating system...
High
Unreviewed
CVE-2024-38641
was published
Sep 6, 2024
There is a command injection vulnerability that may allow an attacker to inject malicious input...
High
Unreviewed
CVE-2024-45682
was published
Sep 17, 2024
Starship vulnerable to shell injection via undocumented, unpredictable shell expansion in custom commands
High
CVE-2024-41815
was published
for
starship
(Rust)
Jul 26, 2024
A Command Injection vulnerability found in a Self-Hosted UniFi Network Servers (Linux) with UniFi...
High
Unreviewed
CVE-2024-42025
was published
Sep 13, 2024
An authenticated user can execute arbitrary command in Gerapy
High
CVE-2021-32849
was published
for
gerapy
(pip)
Jan 6, 2022
ProTip!
Advisories are also available from the
GraphQL API