GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,189
Erlang: 31
GitHub Actions: 19
Go: 1,985
Maven: 5,000+
npm: 3,701
NuGet: 657
pip: 3,326
Pub: 11
RubyGems: 882
Rust: 836
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
916 advisories
Jensen of Scandinavia Eagle 1200AC V15.03.06.33_en was discovered to contain a command injection...
High | Unreviewed | CVE-2023-24135 was published Jan 22, 2024

The Newsletters WordPress plugin before 4.9.3 does not properly escape user-controlled parameters...
High | Unreviewed | CVE-2023-4797 was published Jan 16, 2024

PAX Android based POS devices with PayDroid_8.1.0_Sagittarius_V11.1.50_20230614 or earlier can...
High | Unreviewed | CVE-2023-42136 was published Jan 15, 2024

The LearnPress plugin for WordPress is vulnerable to Command Injection in all versions up to, and...
High | Unreviewed | CVE-2023-6634 was published Jan 11, 2024

Azure Storage Mover Remote Code Execution Vulnerability
High | Unreviewed | CVE-2024-20676 was published Jan 9, 2024

An OS command injection vulnerability has been reported to affect QuMagie. If exploited, the...
High | Unreviewed | CVE-2023-47560 was published Jan 5, 2024

Shell Injection vulnerability GL.iNet A1300 v4.4.6, AX1800 v4.4.6, AXT1800 v4.4.6, MT3000 v4.4.6,...
High | Unreviewed | CVE-2023-50445 was published Dec 28, 2023

An issue was discovered in Peplink Balance Two before 8.4.0. Command injection in the traceroute...
High | Unreviewed | CVE-2023-49226 was published Dec 25, 2023

A command injection vulnerability exists in Bosch IP cameras that allows an authenticated user...
High | Unreviewed | CVE-2023-39509 was published Dec 22, 2023

A vulnerability was found in kalcaddle kodbox up to 1.48. It has been declared as critical....
High | Unreviewed | CVE-2023-6848 was published Dec 16, 2023

There is a command injection vulnerability in some ZTE mobile internet products. Due to...
High | Unreviewed | CVE-2023-25643 was published Dec 14, 2023

An improper neutralization of special elements used in a command ('Command Injection')...
High | Unreviewed | CVE-2023-48791 was published Dec 13, 2023

An Improper Neutralization of Special Elements used in a command vulnerability in ESM prior to...
High | Unreviewed | CVE-2023-6071 was published Nov 30, 2023

The API endpoints in Ironman PowerShell Universal 3.0.0 through 4.2.0 allow remote attackers to...
High | Unreviewed | CVE-2023-49213 was published Nov 24, 2023

Multiple authenticated command injection vulnerabilities exist in the command line interface....
High | Unreviewed | CVE-2023-45625 was published Nov 15, 2023

An issue in Netgate pfSense v.2.7.0 allows a remote attacker to execute arbitrary code via a...
High | Unreviewed | CVE-2023-42326 was published Nov 14, 2023

Multiple vulnerabilities in the web-based management interface of Cisco Firepower Management...
High | Unreviewed | CVE-2023-20220 was published Nov 1, 2023

Multiple vulnerabilities in the web management interface of Cisco Firepower Management Center ...
High | Unreviewed | CVE-2023-20219 was published Nov 1, 2023

ZPE Systems, Inc Nodegrid OS v5.0.0 to v5.0.17, v5.2.0 to v5.2.19, v5.4.0 to v5.4.16, v5.6.0 to...
High | Unreviewed | CVE-2023-43322 was published Oct 28, 2023

An issue was discovered in SuperWebMailer 9.00.0.01710. It allows Remote Code Execution via a...
High | Unreviewed | CVE-2023-38193 was published Oct 21, 2023

GoSecure on behalf of Genetec Inc. has found a flaw that allows for a remote code execution...
High | Unreviewed | CVE-2023-21413 was published Oct 16, 2023

Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability...
High | Unreviewed | CVE-2023-26320 was published Oct 11, 2023

Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability...
High | Unreviewed | CVE-2023-26319 was published Oct 11, 2023

A command injection in the parsing_xml_stasurvey function inside libcgifunc.so of the D-Link DAP...
High | Unreviewed | CVE-2023-45208 was published Oct 10, 2023

An issue in ZenTao Community Edition v.18.6 and before, ZenTao Biz v.8.6 and before, ZenTao Max v...
High | Unreviewed | CVE-2023-44827 was published Oct 10, 2023

ProTip! Advisories are also available from the GraphQL API