Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,844
Erlang
29
GitHub Actions
16
Go
1,715
Maven
4,950
npm
3,480
NuGet
605
pip
3,024
Pub
10
RubyGems
832
Rust
776
Swift
34
Unreviewed advisories
All unreviewed
5,000+

2,859 advisories

LocalAI Command Injection in audioToWav Critical
CVE-2024-2029 was published for github.com/go-skynet/LocalAI (Go) Apr 10, 2024
An OS Command Injection vulnerability exists in the '/open_code_folder' endpoint of the parisneo... Critical Unreviewed
CVE-2024-1520 was published Apr 10, 2024
yt-dlp: `--exec` command injection when using `%q` in yt-dlp on Windows (Bypass of CVE-2023-40581) High
CVE-2024-22423 was published for yt-dlp (pip) Apr 10, 2024
Ry0taK Grub4K
pukkandan
A vulnerability was found in csmock where a regular user of the OSH service (anyone with a valid... High Unreviewed
CVE-2024-2243 was published Apr 10, 2024
A improper neutralization of special elements used in an os command ('os command injection') in... High Unreviewed
CVE-2024-21756 was published Apr 9, 2024
A improper neutralization of special elements used in an os command ('os command injection') in... High Unreviewed
CVE-2024-21755 was published Apr 9, 2024
An improper neutralization of special elements used in an os command ('os command injection') in... Moderate Unreviewed
CVE-2023-47540 was published Apr 9, 2024
A command injection vulnerability exists in the processAnalyticsReport method from the com.webos... Critical Unreviewed
CVE-2023-6318 was published Apr 9, 2024
A command injection vulnerability exists in the com.webos.service.connectionmanager/tv... Critical Unreviewed
CVE-2023-6320 was published Apr 9, 2024
A command injection vulnerability exists in the getAudioMetadata method from the com.webos... Critical Unreviewed
CVE-2023-6319 was published Apr 9, 2024
An remote attacker with low privileges can perform a command injection which can lead to root... High Unreviewed
CVE-2023-1082 was published Apr 9, 2024
Command injection vulnerability in the AccountManager module. Impact: Successful exploitation of... Unknown Unreviewed
CVE-2024-30414 was published Apr 7, 2024
A vulnerability was found in Byzro Smart S80 up to 20240328. It has been declared as critical.... Moderate Unreviewed
CVE-2024-3346 was published Apr 5, 2024
Remote code execution (RCE) vulnerability in Brocade Fabric OS after v9.0 and before v9.2.0 could... High Unreviewed
CVE-2023-3454 was published Apr 4, 2024
TP-Link Omada ER605 Access Control Command Injection Remote Code Execution Vulnerability. This... Moderate Unreviewed
CVE-2024-1180 was published Apr 3, 2024
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... Critical Unreviewed
CVE-2023-25699 was published Apr 3, 2024
In Flowmon versions prior to 11.1.14 and 12.3.5, an operating system command injection... Critical Unreviewed
CVE-2024-2389 was published Apr 2, 2024
Voltronic Power ViewPower Pro getMacAddressByIp Command Injection Remote Code Execution... Critical Unreviewed
CVE-2023-51572 was published Apr 2, 2024
Dell vApp Manager, versions prior to 9.2.4.9 contain a Command Injection Vulnerability. An... High Unreviewed
CVE-2024-25955 was published Mar 28, 2024
Dell vApp Manager, versions prior to 9.2.4.9 contain a Command Injection Vulnerability. An... High Unreviewed
CVE-2024-25946 was published Mar 28, 2024
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... Critical Unreviewed
CVE-2023-6437 was published Mar 28, 2024
Improper Neutralization of Special Elements used in an OS Command vulnerability in NEC... Unknown Unreviewed
CVE-2024-28015 was published Mar 28, 2024
A vulnerability classified as critical was found in Ruijie RG-EG350 up to 20240318. Affected by... High Unreviewed
CVE-2024-2909 was published Mar 26, 2024
A vulnerability, which was classified as critical, has been found in Ruijie RG-EG350 up to... Moderate Unreviewed
CVE-2024-2910 was published Mar 26, 2024
A vulnerability classified as critical has been found in Tenda AC7 15.03.06.44. Affected is the... Moderate Unreviewed
CVE-2024-2897 was published Mar 26, 2024
ProTip! Advisories are also available from the GraphQL API