Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,793
Erlang
29
GitHub Actions
16
Go
1,710
Maven
4,947
npm
3,475
NuGet
605
pip
3,001
Pub
10
RubyGems
828
Rust
773
Swift
34
Unreviewed advisories
All unreviewed
5,000+

864 advisories

An OS command injection vulnerability exists in Akaunting v3.1.3 and earlier. An attacker can... Critical Unreviewed
CVE-2024-22836 was published Feb 8, 2024
An OS command injection vulnerability in Hardy Barth cPH2 eCharge Ladestation v1.87.0 and earlier... Critical Unreviewed
CVE-2023-46359 was published Feb 6, 2024
An improper neutralization of special elements used in an os command ('os command injection') in... Critical Unreviewed
CVE-2024-23108 was published Feb 5, 2024
An improper neutralization of special elements used in an os command ('os command injection') in... Critical Unreviewed
CVE-2024-23109 was published Feb 5, 2024
An issue discovered in shell command execution in ROS2 (Robot Operating System 2) Foxy Fitzroy,... Critical Unreviewed
CVE-2023-51197 was published Jan 31, 2024
OS command injection vulnerability in command processing or system call componentsROS2 (Robot... Critical Unreviewed
CVE-2023-51202 was published Jan 31, 2024
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection... Critical Unreviewed
CVE-2024-24333 was published Jan 30, 2024
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection... Critical Unreviewed
CVE-2024-24327 was published Jan 30, 2024
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection... Critical Unreviewed
CVE-2024-24328 was published Jan 30, 2024
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection... Critical Unreviewed
CVE-2024-24332 was published Jan 30, 2024
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection... Critical Unreviewed
CVE-2024-24331 was published Jan 30, 2024
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection... Critical Unreviewed
CVE-2024-24329 was published Jan 30, 2024
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection... Critical Unreviewed
CVE-2024-24330 was published Jan 30, 2024
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection... Critical Unreviewed
CVE-2024-24325 was published Jan 30, 2024
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection... Critical Unreviewed
CVE-2024-24326 was published Jan 30, 2024
An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the status path script... Critical Unreviewed
CVE-2023-38323 was published Jan 26, 2024
An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the FAS key entry in the... Critical Unreviewed
CVE-2023-38319 was published Jan 26, 2024
An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the network interface name... Critical Unreviewed
CVE-2023-38317 was published Jan 26, 2024
An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the gateway FQDN entry in... Critical Unreviewed
CVE-2023-38318 was published Jan 26, 2024
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection... Critical Unreviewed
CVE-2024-23058 was published Jan 11, 2024
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection... Critical Unreviewed
CVE-2024-23060 was published Jan 11, 2024
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection... Critical Unreviewed
CVE-2024-23061 was published Jan 11, 2024
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection... Critical Unreviewed
CVE-2024-23059 was published Jan 11, 2024
TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection... Critical Unreviewed
CVE-2024-23057 was published Jan 11, 2024
D-Link DIR-822+ V1.0.2 was found to contain a command injection in SetStaticRouteSettings... Critical Unreviewed
CVE-2023-51984 was published Jan 11, 2024
ProTip! Advisories are also available from the GraphQL API