Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,444
Erlang
29
GitHub Actions
16
Go
1,668
Maven
4,928
npm
3,458
NuGet
595
pip
2,876
Pub
10
RubyGems
823
Rust
766
Swift
34
Unreviewed advisories
All unreviewed
5,000+

1,987 advisories

Tenda i29 v1.0 V1.0.0.5 was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2023-50989 was published Dec 21, 2023
mlflow Command Injection vulnerability High
CVE-2023-6940 was published for mlflow (pip) Dec 19, 2023
A vulnerability was found in kalcaddle kodbox up to 1.48. It has been declared as critical.... High Unreviewed
CVE-2023-6848 was published Dec 16, 2023
MajorDoMo (aka Major Domestic Module) before 0662e5e allows command execution via thumb.php shell... Critical Unreviewed
CVE-2023-50917 was published Dec 15, 2023
A Command Injection vulnerability exists in NETGEAR WNR2000v4 version 1.0.0.70. When using HTTP... Critical Unreviewed
CVE-2023-50089 was published Dec 15, 2023
Apache StreamPark: Authenticated system users could trigger remote command execution Critical
CVE-2023-49898 was published for org.apache.streampark:streampark (Maven) Dec 15, 2023
Gradio Exposure of Sensitive Information to an Unauthorized Actor vulnerability Critical
CVE-2023-6572 was published for gradio (pip) Dec 14, 2023
There is a command injection vulnerability in some ZTE mobile internet products. Due to... High Unreviewed
CVE-2023-25643 was published Dec 14, 2023
An improper neutralization of special elements used in a command ('Command Injection')... High Unreviewed
CVE-2023-48791 was published Dec 13, 2023
In Red Hat Advanced Cluster Security (RHACS), it was found that some security related HTTP... Moderate Unreviewed
CVE-2023-4958 was published Dec 12, 2023
SAP Solution Manager - version 720, allows an authorized attacker to execute certain deprecated... Moderate Unreviewed
CVE-2023-49587 was published Dec 12, 2023
NETSCOUT nGeniusPULSE 3.8 has a Command Injection Vulnerability. Critical Unreviewed
CVE-2023-40301 was published Dec 7, 2023
Tenda AX9 V22.03.01.46 has been discovered to contain a command injection vulnerability in the ... Critical Unreviewed
CVE-2023-49431 was published Dec 7, 2023
Tenda AX9 V22.03.01.46 is vulnerable to command injection. Critical Unreviewed
CVE-2023-49435 was published Dec 7, 2023
Tenda AX9 V22.03.01.46 has been discovered to contain a command injection vulnerability in the ... Critical Unreviewed
CVE-2023-49436 was published Dec 7, 2023
Tenda AX12 V22.03.01.46 has been discovered to contain a command injection vulnerability in the ... Critical Unreviewed
CVE-2023-49437 was published Dec 7, 2023
Tenda AX12 V22.03.01.46 has been discovered to contain a command injection vulnerability in the ... Critical Unreviewed
CVE-2023-49428 was published Dec 7, 2023
An issue was discovered on Connectize AC21000 G6 641.139.1.1256 allows attackers to run arbitrary... Moderate Unreviewed
CVE-2023-24046 was published Dec 5, 2023
In TOTOLINK X6000R_Firmware V9.4.0cu.852_B20230719, the shttpd file sub_415534 function obtains... Critical Unreviewed
CVE-2023-48801 was published Dec 2, 2023
D-Link Go-RT-AC750 revA_v101b03 was discovered to contain a command injection vulnerability via... Critical Unreviewed
CVE-2023-48842 was published Dec 1, 2023
An issue in TOTOLINK X6000R V9.4.0cu.652_B20230116 and V9.4.0cu.852_B20230719 allows a remote... Critical Unreviewed
CVE-2023-43454 was published Dec 1, 2023
An issue in TOTOLINK X6000R V9.4.0cu.652_B20230116 and V9.4.0cu.852_B20230719 allows a remote... Critical Unreviewed
CVE-2023-43455 was published Dec 1, 2023
An issue in TOTOLINK X6000R V9.4.0cu.652_B20230116 and V9.4.0cu.852_B20230719 allows a remote... Critical Unreviewed
CVE-2023-43453 was published Dec 1, 2023
An Improper Neutralization of Special Elements used in a command vulnerability in ESM prior to... High Unreviewed
CVE-2023-6071 was published Nov 30, 2023
An issue in Tneda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the... Critical Unreviewed
CVE-2023-49040 was published Nov 27, 2023
ProTip! Advisories are also available from the GraphQL API