GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
774 advisories
Filter by severity
CVE-2024-45824 IMPACT
A remote
code vulnerability exists in the affected products. The...
Critical
Unreviewed
CVE-2024-45824
was published
Sep 12, 2024
COMFAST CF-XR11 V2.7.2 has a command injection vulnerability in function sub_424CB4. Attackers...
Critical
Unreviewed
CVE-2024-44466
was published
Sep 11, 2024
D-Link DI-8300 v16.07.26A1 is vulnerable to command injection via the upgrade_filter_asp function.
Critical
Unreviewed
CVE-2024-44410
was published
Sep 9, 2024
D-Link DI-8100G 17.12.20A1 is vulnerable to Command Injection via msp_info.htm.
Critical
Unreviewed
CVE-2024-44402
was published
Sep 6, 2024
D-Link DI-8100G 17.12.20A1 is vulnerable to Command Injection via sub47A60C function in the...
Critical
Unreviewed
CVE-2024-44401
was published
Sep 6, 2024
Beijing Digital China Cloud Technology Co., Ltd. DCME-320 v.7.4.12.60 has a command execution...
Critical
Unreviewed
CVE-2024-42905
was published
Aug 28, 2024
Improper Input Validation vulnerability in Hillstone Networks Hillstone Networks Web Application...
Critical
Unreviewed
CVE-2024-8073
was published
Aug 26, 2024
An issue in the handler function in /goform/telnet of Tenda FH1201 v1.2.0.14 (408) allows...
Critical
Unreviewed
CVE-2024-42947
was published
Aug 15, 2024
Multiple OS command injection vulnerabilities affecting Vonets
industrial wifi bridge relays...
Critical
Unreviewed
CVE-2024-37023
was published
Aug 12, 2024
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability...
Critical
Unreviewed
CVE-2024-21878
was published
Aug 12, 2024
An issue in Koha ILS 23.05 and before allows a remote attacker to execute arbitrary code via a...
Critical
Unreviewed
CVE-2024-28739
was published
Aug 6, 2024
Improper filering of special characters result in a command ('command injection') vulnerability...
Critical
Unreviewed
CVE-2024-7397
was published
Aug 5, 2024
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability...
Critical
Unreviewed
CVE-2024-41319
was published
Jul 23, 2024
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability...
Critical
Unreviewed
CVE-2024-41318
was published
Jul 22, 2024
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability...
Critical
Unreviewed
CVE-2024-41316
was published
Jul 22, 2024
This vulnerability allows an unauthenticated attacker to achieve remote command execution on the...
Critical
Unreviewed
CVE-2024-38492
was published
Jul 15, 2024
Sourcecodester Poultry Farm Management System v1.0 contains an Unauthenticated Remote Code...
Critical
Unreviewed
CVE-2024-40110
was published
Jul 12, 2024
An issue was discovered in SeaCMS <=12.9 which allows remote attackers to execute arbitrary code...
Critical
Unreviewed
CVE-2024-39028
was published
Jul 5, 2024
TELSAT marKoni FM Transmitters are vulnerable to a command injection vulnerability through the...
Critical
Unreviewed
CVE-2024-39373
was published
Jun 27, 2024
In WhatsUp Gold versions released before 2023.1.3, a Remote Code Execution issue exists in...
Critical
Unreviewed
CVE-2024-4883
was published
Jun 25, 2024
In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Remote Code Execution...
Critical
Unreviewed
CVE-2024-4884
was published
Jun 25, 2024
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability...
Critical
Unreviewed
CVE-2024-37091
was published
Jun 24, 2024
Actual Analyzer through 2014-08-29 allows code execution via shell metacharacters because...
Critical
Unreviewed
CVE-2014-5470
was published
Jun 22, 2024
TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a command injection vulnerability...
Critical
Unreviewed
CVE-2024-37642
was published
Jun 14, 2024
Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 on Windows allows command injection via...
Critical
Unreviewed
CVE-2024-37385
was published
Jun 7, 2024
ProTip!
Advisories are also available from the
GraphQL API