Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,847
Erlang
29
GitHub Actions
16
Go
1,715
Maven
4,951
npm
3,480
NuGet
605
pip
3,024
Pub
10
RubyGems
832
Rust
776
Swift
34
Unreviewed advisories
All unreviewed
5,000+

866 advisories

An OS command injection vulnerability exists in web2py 2.24.1 and earlier. When the product is... Critical Unreviewed
CVE-2023-45158 was published Oct 16, 2023
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2023-45467 was published Oct 13, 2023
A improper neutralization of special elements used in an os command ('os command injection') in... Critical Unreviewed
CVE-2023-36548 was published Oct 10, 2023
A improper neutralization of special elements used in an os command ('os command injection') in... Critical Unreviewed
CVE-2023-34992 was published Oct 10, 2023
A improper neutralization of special elements used in an os command ('os command injection') in... Critical Unreviewed
CVE-2023-36550 was published Oct 10, 2023
A improper neutralization of special elements used in an os command ('os command injection') in... Critical Unreviewed
CVE-2023-34993 was published Oct 10, 2023
A improper neutralization of special elements used in an os command ('os command injection') in... Critical Unreviewed
CVE-2023-36547 was published Oct 10, 2023
A improper neutralization of special elements used in an os command ('os command injection') in... Critical Unreviewed
CVE-2023-36549 was published Oct 10, 2023
The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an operating system... Critical Unreviewed
CVE-2023-30805 was published Oct 10, 2023
The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an operating system... Critical Unreviewed
CVE-2023-30806 was published Oct 10, 2023
An issue was discovered in DTS Monitoring 3.57.0. The parameter common_name within the SSL... Critical Unreviewed
CVE-2023-33271 was published Oct 3, 2023
An issue was discovered in DTS Monitoring 3.57.0. The parameter ip within the Ping check function... Critical Unreviewed
CVE-2023-33272 was published Oct 3, 2023
An issue was discovered in DTS Monitoring 3.57.0. The parameter url within the Curl check... Critical Unreviewed
CVE-2023-33270 was published Oct 3, 2023
An issue was discovered in DTS Monitoring 3.57.0. The parameter url within the WGET check... Critical Unreviewed
CVE-2023-33273 was published Oct 3, 2023
An issue was discovered in DTS Monitoring 3.57.0. The parameter options within the WGET check... Critical Unreviewed
CVE-2023-33269 was published Oct 3, 2023
An issue was discovered in DTS Monitoring 3.57.0. The parameter port within the SSL Certificate... Critical Unreviewed
CVE-2023-33268 was published Oct 3, 2023
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2023-43893 was published Oct 3, 2023
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2023-43892 was published Oct 3, 2023
An OS command injection vulnerability has been found on EasyPHP Webserver affecting version 14.1... Critical Unreviewed
CVE-2023-3767 was published Sep 27, 2023
D-LINK DIR-806 1200M11AC wireless router DIR806A1_FW100CNb11 is vulnerable to command injection. Critical Unreviewed
CVE-2023-43130 was published Sep 23, 2023
D-LINK DIR-806 1200M11AC wireless router DIR806A1_FW100CNb11 is vulnerable to command injection... Critical Unreviewed
CVE-2023-43129 was published Sep 23, 2023
Foreman Transpilation Enables OS Command Injection Critical
CVE-2022-3874 was published for foreman (RubyGems) Sep 22, 2023 withdrawn
drewblas MH4GF
hoshinotsuyoshi fesplugas-drms olleolleolle evgeni mrnovalles aramprice
An arbitrary code execution flaw was found in Foreman. This flaw allows an admin user to bypass... Critical Unreviewed
CVE-2023-0118 was published Sep 20, 2023
Freewill iFIS (aka SMART Trade) 20.01.01.04 allows OS Command Injection via shell metacharacters... Critical Unreviewed
CVE-2023-28614 was published Sep 15, 2023
F-RevoCRM version7.3.7 and version7.3.8 contains an OS command injection vulnerability. If this... Critical Unreviewed
CVE-2023-41149 was published Sep 6, 2023
ProTip! Advisories are also available from the GraphQL API