GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,869
Erlang
29
GitHub Actions
16
Go
1,717
Maven
4,951
npm
3,480
NuGet
605
pip
3,026
Pub
10
RubyGems
832
Rust
776
Swift
34
Unreviewed advisories
All unreviewed
5,000+
1,709 advisories
Filter by severity
A vulnerability was found in csmock where a regular user of the OSH service (anyone with a valid...
High
Unreviewed
CVE-2024-2243
was published
Apr 10, 2024
A improper neutralization of special elements used in an os command ('os command injection') in...
High
Unreviewed
CVE-2024-21756
was published
Apr 9, 2024
A improper neutralization of special elements used in an os command ('os command injection') in...
High
Unreviewed
CVE-2024-21755
was published
Apr 9, 2024
An remote attacker with low privileges can perform a command injection which can lead to root...
High
Unreviewed
CVE-2023-1082
was published
Apr 9, 2024
Remote code execution (RCE) vulnerability in Brocade Fabric OS after v9.0 and before v9.2.0 could...
High
Unreviewed
CVE-2023-3454
was published
Apr 4, 2024
Dell vApp Manager, versions prior to 9.2.4.9 contain a Command Injection Vulnerability. An...
High
Unreviewed
CVE-2024-25955
was published
Mar 28, 2024
Dell vApp Manager, versions prior to 9.2.4.9 contain a Command Injection Vulnerability. An...
High
Unreviewed
CVE-2024-25946
was published
Mar 28, 2024
A vulnerability classified as critical was found in Ruijie RG-EG350 up to 20240318. Affected by...
High
Unreviewed
CVE-2024-2909
was published
Mar 26, 2024
ansys-geometry-core OS Command Injection vulnerability
High
CVE-2024-29189
was published
for
ansys-geometry-core
(pip)
Mar 25, 2024
Command Injection in the diagnostics interface of the Bosch Network Synchronizer allows...
High
Unreviewed
CVE-2024-25002
was published
Mar 25, 2024
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')...
High
Unreviewed
CVE-2024-24890
was published
Mar 25, 2024
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')...
High
Unreviewed
CVE-2024-24899
was published
Mar 25, 2024
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')...
High
Unreviewed
CVE-2021-33633
was published
Mar 23, 2024
An OS command injection vulnerability has been identified in LoadMaster. An authenticated UI...
High
Unreviewed
CVE-2024-2448
was published
Mar 22, 2024
An OS Command Injection vulnerability in Kiloview NDI allows a low-privileged user to execute...
High
Unreviewed
CVE-2024-2162
was published
Mar 21, 2024
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')...
High
Unreviewed
CVE-2023-44092
was published
Mar 19, 2024
Unitronics Unistream Unilogic – Versions prior to 1.35.227 -
CWE-78: 'OS Command Injection' may...
High
Unreviewed
CVE-2024-27772
was published
Mar 18, 2024
Nuclei allows unsigned code template execution through workflows
High
CVE-2024-27920
was published
for
github.com/projectdiscovery/nuclei/v3
(Go)
Mar 15, 2024
Command injection vulnerability in Movistar 4G router affecting version ES_WLD71-T1_v2.0.201820....
High
Unreviewed
CVE-2024-2415
was published
Mar 13, 2024
A vulnerability, which was classified as critical, has been found in Totolink X6000R 9.4.0cu...
High
Unreviewed
CVE-2024-2353
was published
Mar 10, 2024
IBM Security Guardium Key Lifecycle Manager 3.0, 3.0.1, 4.0, 4.1, and 4.1.1 could allow a remote...
High
Unreviewed
CVE-2023-25925
was published
Feb 29, 2024
A DLL injection vulnerability exists where an authenticated, low-privileged local attacker could...
High
Unreviewed
CVE-2024-1683
was published
Feb 23, 2024
A post-authentication command injection vulnerability in the file upload binary in Zyxel ATP...
High
Unreviewed
CVE-2023-6398
was published
Feb 20, 2024
A command injection vulnerability exists where an authenticated, remote attacker with...
High
Unreviewed
CVE-2024-1367
was published
Feb 15, 2024
A vulnerability has been identified in SINEC NMS (All versions < V2.0 SP1). The affected...
High
Unreviewed
CVE-2024-23812
was published
Feb 13, 2024
ProTip!
Advisories are also available from the
GraphQL API