Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,869
Erlang
29
GitHub Actions
16
Go
1,717
Maven
4,951
npm
3,480
NuGet
605
pip
3,026
Pub
10
RubyGems
832
Rust
776
Swift
34
Unreviewed advisories
All unreviewed
5,000+

1,709 advisories

A vulnerability was found in csmock where a regular user of the OSH service (anyone with a valid... High Unreviewed
CVE-2024-2243 was published Apr 10, 2024
A improper neutralization of special elements used in an os command ('os command injection') in... High Unreviewed
CVE-2024-21756 was published Apr 9, 2024
A improper neutralization of special elements used in an os command ('os command injection') in... High Unreviewed
CVE-2024-21755 was published Apr 9, 2024
An remote attacker with low privileges can perform a command injection which can lead to root... High Unreviewed
CVE-2023-1082 was published Apr 9, 2024
Remote code execution (RCE) vulnerability in Brocade Fabric OS after v9.0 and before v9.2.0 could... High Unreviewed
CVE-2023-3454 was published Apr 4, 2024
Dell vApp Manager, versions prior to 9.2.4.9 contain a Command Injection Vulnerability. An... High Unreviewed
CVE-2024-25955 was published Mar 28, 2024
Dell vApp Manager, versions prior to 9.2.4.9 contain a Command Injection Vulnerability. An... High Unreviewed
CVE-2024-25946 was published Mar 28, 2024
A vulnerability classified as critical was found in Ruijie RG-EG350 up to 20240318. Affected by... High Unreviewed
CVE-2024-2909 was published Mar 26, 2024
ansys-geometry-core OS Command Injection vulnerability High
CVE-2024-29189 was published for ansys-geometry-core (pip) Mar 25, 2024
RobPasMue
Command Injection in the diagnostics interface of the Bosch Network Synchronizer allows... High Unreviewed
CVE-2024-25002 was published Mar 25, 2024
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... High Unreviewed
CVE-2024-24890 was published Mar 25, 2024
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... High Unreviewed
CVE-2024-24899 was published Mar 25, 2024
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... High Unreviewed
CVE-2021-33633 was published Mar 23, 2024
An OS command injection vulnerability has been identified in LoadMaster.  An authenticated UI... High Unreviewed
CVE-2024-2448 was published Mar 22, 2024
An OS Command Injection vulnerability in Kiloview NDI allows a low-privileged user to execute... High Unreviewed
CVE-2024-2162 was published Mar 21, 2024
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... High Unreviewed
CVE-2023-44092 was published Mar 19, 2024
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-78: 'OS Command Injection' may... High Unreviewed
CVE-2024-27772 was published Mar 18, 2024
Nuclei allows unsigned code template execution through workflows High
CVE-2024-27920 was published for github.com/projectdiscovery/nuclei/v3 (Go) Mar 15, 2024
Command injection vulnerability in Movistar 4G router affecting version ES_WLD71-T1_v2.0.201820.... High Unreviewed
CVE-2024-2415 was published Mar 13, 2024
A vulnerability, which was classified as critical, has been found in Totolink X6000R 9.4.0cu... High Unreviewed
CVE-2024-2353 was published Mar 10, 2024
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 could allow a remote... High Unreviewed
CVE-2023-25925 was published Feb 29, 2024
A DLL injection vulnerability exists where an authenticated, low-privileged local attacker could... High Unreviewed
CVE-2024-1683 was published Feb 23, 2024
A post-authentication command injection vulnerability in the file upload binary in Zyxel ATP... High Unreviewed
CVE-2023-6398 was published Feb 20, 2024
A command injection vulnerability exists where an authenticated, remote attacker with... High Unreviewed
CVE-2024-1367 was published Feb 15, 2024
A vulnerability has been identified in SINEC NMS (All versions < V2.0 SP1). The affected... High Unreviewed
CVE-2024-23812 was published Feb 13, 2024
ProTip! Advisories are also available from the GraphQL API