GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
774 advisories
Filter by severity
Improper Input Validation vulnerability in ABB Ltd. ASPECT®-Enterprise on ASPECT®-Enterprise,...
Critical
Unreviewed
CVE-2023-0636
was published
Jul 6, 2023
TELSAT marKoni FM Transmitters are vulnerable to a command injection vulnerability through the...
Critical
Unreviewed
CVE-2024-39373
was published
Jun 27, 2024
COMFAST CF-XR11 V2.7.2 has a command injection vulnerability in function sub_424CB4. Attackers...
Critical
Unreviewed
CVE-2024-44466
was published
Sep 11, 2024
Improper Input Validation vulnerability in Hillstone Networks Hillstone Networks Web Application...
Critical
Unreviewed
CVE-2024-8073
was published
Aug 26, 2024
TOTOLINK EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command...
Critical
Unreviewed
CVE-2023-51014
was published
Dec 22, 2023
Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were...
Critical
Unreviewed
CVE-2022-27005
was published
Mar 17, 2022
TOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to an unauthorized arbitrary command...
Critical
Unreviewed
CVE-2023-51025
was published
Dec 22, 2023
CVE-2024-45824 IMPACT
A remote
code vulnerability exists in the affected products. The...
Critical
Unreviewed
CVE-2024-45824
was published
Sep 12, 2024
Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were...
Critical
Unreviewed
CVE-2022-27004
was published
Mar 17, 2022
Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were...
Critical
Unreviewed
CVE-2022-27003
was published
Mar 17, 2022
D-Link DI-8300 v16.07.26A1 is vulnerable to command injection via the upgrade_filter_asp function.
Critical
Unreviewed
CVE-2024-44410
was published
Sep 9, 2024
tinyfiledialogs (aka tiny file dialogs) before 3.15.0 allows shell metacharacters (such as a...
Critical
Unreviewed
CVE-2023-47104
was published
Oct 30, 2023
D-Link DI-8100G 17.12.20A1 is vulnerable to Command Injection via sub47A60C function in the...
Critical
Unreviewed
CVE-2024-44401
was published
Sep 6, 2024
D-Link DI-8100G 17.12.20A1 is vulnerable to Command Injection via msp_info.htm.
Critical
Unreviewed
CVE-2024-44402
was published
Sep 6, 2024
An issue in TOTOlink X6000R V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary...
Critical
Unreviewed
CVE-2023-46484
was published
Oct 31, 2023
An issue in TOTOlink X6000R V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary...
Critical
Unreviewed
CVE-2023-46485
was published
Oct 31, 2023
An issue in the handler function in /goform/telnet of Tenda FH1201 v1.2.0.14 (408) allows...
Critical
Unreviewed
CVE-2024-42947
was published
Aug 15, 2024
Qualitor through 8.20 allows remote attackers to execute arbitrary code via PHP code in the html...
Critical
Unreviewed
CVE-2023-47253
was published
Nov 6, 2023
Zentao v18.0 to v18.10 was discovered to contain a remote code execution (RCE) vulnerability via...
Critical
Unreviewed
CVE-2024-24216
was published
Feb 8, 2024
Distrobox before 1.7.0.1 allows attackers to execute arbitrary code via command injection into...
Critical
Unreviewed
CVE-2024-29864
was published
Mar 21, 2024
An issue discovered in sub_4117F8 function in TOTOLINK X6000R V9.4.0cu.852_B20230719 allows...
Critical
Unreviewed
CVE-2023-52042
was published
Jan 17, 2024
Command Injection vulnerability in D-Link Dir 816 with firmware version DIR-816_A2_v1.10CNB04...
Critical
Unreviewed
CVE-2023-24331
was published
Feb 21, 2024
In Indo-Sol PROFINET-INspektor NT through 2.4.0, a command injection vulnerability in the...
Critical
Unreviewed
CVE-2023-49959
was published
Feb 26, 2024
Beijing Digital China Cloud Technology Co., Ltd. DCME-320 v.7.4.12.60 has a command execution...
Critical
Unreviewed
CVE-2024-42905
was published
Aug 28, 2024
DIR-845L router <= v1.01KRb03 has an Unauthenticated remote code execution vulnerability in the...
Critical
Unreviewed
CVE-2024-29385
was published
Mar 22, 2024
ProTip!
Advisories are also available from the
GraphQL API