Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

774 advisories

Loading
Improper Input Validation vulnerability in ABB Ltd. ASPECT®-Enterprise on ASPECT®-Enterprise,... Critical Unreviewed
CVE-2023-0636 was published Jul 6, 2023
TELSAT marKoni FM Transmitters are vulnerable to a command injection vulnerability through the... Critical Unreviewed
CVE-2024-39373 was published Jun 27, 2024
COMFAST CF-XR11 V2.7.2 has a command injection vulnerability in function sub_424CB4. Attackers... Critical Unreviewed
CVE-2024-44466 was published Sep 11, 2024
Improper Input Validation vulnerability in Hillstone Networks Hillstone Networks Web Application... Critical Unreviewed
CVE-2024-8073 was published Aug 26, 2024
TOTOLINK EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command... Critical Unreviewed
CVE-2023-51014 was published Dec 22, 2023
Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were... Critical Unreviewed
CVE-2022-27005 was published Mar 17, 2022
TOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to an unauthorized arbitrary command... Critical Unreviewed
CVE-2023-51025 was published Dec 22, 2023
CVE-2024-45824 IMPACT A remote code vulnerability exists in the affected products. The... Critical Unreviewed
CVE-2024-45824 was published Sep 12, 2024
Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were... Critical Unreviewed
CVE-2022-27004 was published Mar 17, 2022
Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were... Critical Unreviewed
CVE-2022-27003 was published Mar 17, 2022
D-Link DI-8300 v16.07.26A1 is vulnerable to command injection via the upgrade_filter_asp function. Critical Unreviewed
CVE-2024-44410 was published Sep 9, 2024
tinyfiledialogs (aka tiny file dialogs) before 3.15.0 allows shell metacharacters (such as a... Critical Unreviewed
CVE-2023-47104 was published Oct 30, 2023
D-Link DI-8100G 17.12.20A1 is vulnerable to Command Injection via msp_info.htm. Critical Unreviewed
CVE-2024-44402 was published Sep 6, 2024
D-Link DI-8100G 17.12.20A1 is vulnerable to Command Injection via sub47A60C function in the... Critical Unreviewed
CVE-2024-44401 was published Sep 6, 2024
An issue in TOTOlink X6000R V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary... Critical Unreviewed
CVE-2023-46485 was published Oct 31, 2023
An issue in TOTOlink X6000R V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary... Critical Unreviewed
CVE-2023-46484 was published Oct 31, 2023
An issue in the handler function in /goform/telnet of Tenda FH1201 v1.2.0.14 (408) allows... Critical Unreviewed
CVE-2024-42947 was published Aug 15, 2024
Qualitor through 8.20 allows remote attackers to execute arbitrary code via PHP code in the html... Critical Unreviewed
CVE-2023-47253 was published Nov 6, 2023
Zentao v18.0 to v18.10 was discovered to contain a remote code execution (RCE) vulnerability via... Critical Unreviewed
CVE-2024-24216 was published Feb 8, 2024
Distrobox before 1.7.0.1 allows attackers to execute arbitrary code via command injection into... Critical Unreviewed
CVE-2024-29864 was published Mar 21, 2024
An issue discovered in sub_4117F8 function in TOTOLINK X6000R V9.4.0cu.852_B20230719 allows... Critical Unreviewed
CVE-2023-52042 was published Jan 17, 2024
Command Injection vulnerability in D-Link Dir 816 with firmware version DIR-816_A2_v1.10CNB04... Critical Unreviewed
CVE-2023-24331 was published Feb 21, 2024
In Indo-Sol PROFINET-INspektor NT through 2.4.0, a command injection vulnerability in the... Critical Unreviewed
CVE-2023-49959 was published Feb 26, 2024
Beijing Digital China Cloud Technology Co., Ltd. DCME-320 v.7.4.12.60 has a command execution... Critical Unreviewed
CVE-2024-42905 was published Aug 28, 2024
DIR-845L router <= v1.01KRb03 has an Unauthenticated remote code execution vulnerability in the... Critical Unreviewed
CVE-2024-29385 was published Mar 22, 2024
ProTip! Advisories are also available from the GraphQL API