Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,198
Erlang
31
GitHub Actions
19
Go
1,986
Maven
5,000+
npm
3,702
NuGet
660
pip
3,328
Pub
11
RubyGems
883
Rust
843
Swift
36
Unreviewed advisories
All unreviewed
5,000+

936 advisories

Loading
GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000... Critical Unreviewed
CVE-2024-39226 was published Aug 6, 2024
A vulnerability in the web-based management interface of Cisco Unified Industrial Wireless... Critical Unreviewed
CVE-2024-20418 was published Nov 6, 2024
DCME-320 v7.4.12.90 was discovered to contain a command injection vulnerability. Critical Unreviewed
CVE-2024-51115 was published Nov 6, 2024
An issue in Lens Visual integration with Power BI v.4.0.0.3 allows a remote attacker to execute... Critical Unreviewed
CVE-2024-48746 was published Nov 6, 2024
Command injection vulnerability in the underlying CLI service could lead to unauthenticated... Critical Unreviewed
CVE-2024-47460 was published Nov 6, 2024
Command injection vulnerability in the underlying CLI service could lead to unauthenticated... Critical Unreviewed
CVE-2024-42509 was published Nov 6, 2024
Grafana Command Injection And Local File Inclusion Via Sql Expressions Critical
CVE-2024-9264 was published for github.com/grafana/grafana (Go) Oct 18, 2024
Malayke
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and... Critical Unreviewed
CVE-2024-51255 was published Oct 31, 2024
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and... Critical Unreviewed
CVE-2024-51259 was published Oct 31, 2024
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and... Critical Unreviewed
CVE-2024-51260 was published Oct 31, 2024
A prompt injection vulnerability in the chatbox of Fusion Chat Chat AI Assistant Ask Me Anything... Critical Unreviewed
CVE-2024-48144 was published Oct 24, 2024
A prompt injection vulnerability in the chatbox of Netangular Technologies ChatNet AI Version v1... Critical Unreviewed
CVE-2024-48145 was published Oct 24, 2024
TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection... Critical Unreviewed
CVE-2023-34215 was published Aug 17, 2023
TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and... Critical Unreviewed
CVE-2023-33239 was published Aug 17, 2023
TN-5900 Series firmware versions v3.3 and prior are vulnerable to command-injection vulnerability... Critical Unreviewed
CVE-2023-34213 was published Aug 17, 2023
TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and... Critical Unreviewed
CVE-2023-33238 was published Aug 17, 2023
TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and... Critical Unreviewed
CVE-2023-34214 was published Aug 17, 2023
A Command injection vulnerability in requestLetsEncryptSsl in NginxProxyManager 2.11.3 allows an... Critical Unreviewed
CVE-2024-46256 was published Sep 27, 2024
SaltStack Salt command injection in the Salt-API when using the Salt-SSH client Critical
CVE-2021-3148 was published for salt (pip) May 24, 2022
An issue in DCME-320-L <=9.3.2.114 allows a remote attacker to execute arbitrary code via the... Critical Unreviewed
CVE-2024-48659 was published Oct 21, 2024
An command injection vulnerability in Trend Micro Cloud Edge could allow a remote attacker to... Critical Unreviewed
CVE-2024-48904 was published Oct 22, 2024
A vulnerability in NuPoint Messenger (NPM) of Mitel MiCollab through 9.8.0.33 allows an... Critical Unreviewed
CVE-2024-35285 was published Oct 21, 2024
A Command Injection vulnerability in Vilo 5 Mesh WiFi System <= 5.16.1.33 allows remote,... Critical Unreviewed
CVE-2024-40089 was published Oct 21, 2024
Command Injection in Simiki Critical
CVE-2020-19001 was published for simiki (pip) Sep 1, 2021
SaltStack Salt is vulnerable to command injection Critical
CVE-2019-17361 was published for salt (pip) May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database