GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
866 advisories
An OS command injection vulnerability exists in web2py 2.24.1 and earlier. When the product is...
Critical, Unreviewed. CVE-2023-45158 was published Oct 16, 2023.

Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the...
Critical, Unreviewed. CVE-2023-45467 was published Oct 13, 2023.

An improper neutralization of special elements used in an os command ('os command injection') in...
Critical, Unreviewed. CVE-2023-36548 was published Oct 10, 2023.

An improper neutralization of special elements used in an os command ('os command injection') in...
Critical, Unreviewed. CVE-2023-34992 was published Oct 10, 2023.

An improper neutralization of special elements used in an os command ('os command injection') in...
Critical, Unreviewed. CVE-2023-36550 was published Oct 10, 2023.

An improper neutralization of special elements used in an os command ('os command injection') in...
Critical, Unreviewed. CVE-2023-34993 was published Oct 10, 2023.

An improper neutralization of special elements used in an os command ('os command injection') in...
Critical, Unreviewed. CVE-2023-36547 was published Oct 10, 2023.

An improper neutralization of special elements used in an os command ('os command injection') in...
Critical, Unreviewed. CVE-2023-36549 was published Oct 10, 2023.

The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an operating system...
Critical, Unreviewed. CVE-2023-30805 was published Oct 10, 2023.

The Sangfor Next-Gen Application Firewall version NGAF8.0.17 is vulnerable to an operating system...
Critical, Unreviewed. CVE-2023-30806 was published Oct 10, 2023.

An issue was discovered in DTS Monitoring 3.57.0. The parameter common_name within the SSL...
Critical, Unreviewed. CVE-2023-33271 was published Oct 3, 2023.

An issue was discovered in DTS Monitoring 3.57.0. The parameter ip within the Ping check function...
Critical, Unreviewed. CVE-2023-33272 was published Oct 3, 2023.

An issue was discovered in DTS Monitoring 3.57.0. The parameter url within the Curl check...
Critical, Unreviewed. CVE-2023-33270 was published Oct 3, 2023.

An issue was discovered in DTS Monitoring 3.57.0. The parameter url within the WGET check...
Critical, Unreviewed. CVE-2023-33273 was published Oct 3, 2023.

An issue was discovered in DTS Monitoring 3.57.0. The parameter options within the WGET check...
Critical, Unreviewed. CVE-2023-33269 was published Oct 3, 2023.

An issue was discovered in DTS Monitoring 3.57.0. The parameter port within the SSL Certificate...
Critical, Unreviewed. CVE-2023-33268 was published Oct 3, 2023.

Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the...
Critical, Unreviewed. CVE-2023-43893 was published Oct 3, 2023.

Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the...
Critical, Unreviewed. CVE-2023-43892 was published Oct 3, 2023.

An OS command injection vulnerability has been found on EasyPHP Webserver affecting version 14.1...
Critical, Unreviewed. CVE-2023-3767 was published Sep 27, 2023.

D-LINK DIR-806 1200M11AC wireless router DIR806A1_FW100CNb11 is vulnerable to command injection.
Critical, Unreviewed. CVE-2023-43130 was published Sep 23, 2023.

D-LINK DIR-806 1200M11AC wireless router DIR806A1_FW100CNb11 is vulnerable to command injection...
Critical, Unreviewed. CVE-2023-43129 was published Sep 23, 2023.

Foreman Transpilation Enables OS Command Injection
Critical. CVE-2022-3874 was published for foreman (RubyGems) Sep 22, 2023 (withdrawn).

An arbitrary code execution flaw was found in Foreman. This flaw allows an admin user to bypass...
Critical, Unreviewed. CVE-2023-0118 was published Sep 20, 2023.

Freewill iFIS (aka SMART Trade) 20.01.01.04 allows OS Command Injection via shell metacharacters...
Critical, Unreviewed. CVE-2023-28614 was published Sep 15, 2023.

F-RevoCRM version 7.3.7 and version 7.3.8 contain an OS command injection vulnerability. If this...
Critical, Unreviewed. CVE-2023-41149 was published Sep 6, 2023.

ProTip! Advisories are also available from the GraphQL API.