GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,077
Erlang: 29
GitHub Actions: 19
Go: 1,903
Maven: 5,000+
npm: 3,632
NuGet: 638
pip: 3,249
Pub: 10
RubyGems: 864
Rust: 818
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
1,891 advisories
A Command Injection vulnerability found in a Self-Hosted UniFi Network Servers (Linux) with UniFi...
High | Unreviewed | CVE-2024-42025 was published Sep 13, 2024
Improper Input Validation vulnerability in ABB Ltd. ASPECT®-Enterprise on ASPECT®-Enterprise,...
Critical | Unreviewed | CVE-2023-0636 was published Jul 6, 2023
Brocade Fabric OS before Brocade Fabric OS v9.1.1c, v9.2.0 contains a vulnerability when using...
Moderate | Unreviewed | CVE-2023-31429 was published Aug 1, 2023
TELSAT marKoni FM Transmitters are vulnerable to a command injection vulnerability through the...
Critical | Unreviewed | CVE-2024-39373 was published Jun 27, 2024
There is a command injection vulnerability that may allow an attacker to inject malicious input...
High | Unreviewed | CVE-2024-45682 was published Sep 17, 2024
An OS command injection vulnerability has been reported to affect several QNAP operating system...
High | Unreviewed | CVE-2024-38641 was published Sep 6, 2024
Tenda FH451 v1.0.0.9 has a command injection vulnerability in the formexeCommand function i
High | Unreviewed | CVE-2024-46048 was published Sep 13, 2024
COMFAST CF-XR11 V2.7.2 has a command injection vulnerability in function sub_424CB4. Attackers...
Critical | Unreviewed | CVE-2024-44466 was published Sep 11, 2024
Improper Input Validation vulnerability in Hillstone Networks Hillstone Networks Web Application...
Critical | Unreviewed | CVE-2024-8073 was published Aug 26, 2024
An issue has been discovered in GitLab EE affecting all versions starting from 16.11 prior to 17...
High | Unreviewed | CVE-2024-8640 was published Sep 12, 2024
TOTOLINK EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command...
Critical | Unreviewed | CVE-2023-51014 was published Dec 22, 2023
Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were...
Critical | Unreviewed | CVE-2022-27005 was published Mar 17, 2022
TOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to an unauthorized arbitrary command...
Critical | Unreviewed | CVE-2023-51025 was published Dec 22, 2023
CVE-2024-45824 IMPACT A remote code vulnerability exists in the affected products. The...
Critical | Unreviewed | CVE-2024-45824 was published Sep 12, 2024
Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were...
Critical | Unreviewed | CVE-2022-27004 was published Mar 17, 2022
Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were...
Critical | Unreviewed | CVE-2022-27003 was published Mar 17, 2022
RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a command injection vulnerability via the...
High | Unreviewed | CVE-2024-44572 was published Sep 11, 2024
RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a code injection vulnerability via the...
High | Unreviewed | CVE-2024-44570 was published Sep 11, 2024
RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a command injection vulnerability via the...
High | Unreviewed | CVE-2024-44574 was published Sep 11, 2024
RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a command injection vulnerability via the...
High | Unreviewed | CVE-2024-44577 was published Sep 11, 2024
DrayTek Vigor3900 v1.5.1.6 was discovered to contain an authenticated command injection...
High | Unreviewed | CVE-2024-44844 was published Sep 6, 2024
DrayTek Vigor3900 v1.5.1.6 was discovered to contain an authenticated command injection...
High | Unreviewed | CVE-2024-44845 was published Sep 6, 2024
D-Link DI-8300 v16.07.26A1 is vulnerable to command injection via the upgrade_filter_asp function.
Critical | Unreviewed | CVE-2024-44410 was published Sep 9, 2024
Command Injection vulnerability in goform/SetIPTVCfg interface of Tenda AC15 V15.03.05.20 allows...
High | Unreviewed | CVE-2023-36103 was published Sep 10, 2024
Microsoft SharePoint Server Remote Code Execution Vulnerability
High | Unreviewed | CVE-2024-38228 was published Sep 10, 2024
ProTip! Advisories are also available from the GraphQL API.