GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,859 advisories
LocalAI Command Injection in audioToWav
Critical | CVE-2024-2029 was published for github.com/go-skynet/LocalAI (Go) Apr 10, 2024
An OS Command Injection vulnerability exists in the '/open_code_folder' endpoint of the parisneo...
Critical | Unreviewed | CVE-2024-1520 was published Apr 10, 2024
yt-dlp: `--exec` command injection when using `%q` in yt-dlp on Windows (Bypass of CVE-2023-40581)
High | CVE-2024-22423 was published for yt-dlp (pip) Apr 10, 2024
A vulnerability was found in csmock where a regular user of the OSH service (anyone with a valid...
High | Unreviewed | CVE-2024-2243 was published Apr 10, 2024
An improper neutralization of special elements used in an os command ('os command injection') in...
High | Unreviewed | CVE-2024-21756 was published Apr 9, 2024
An improper neutralization of special elements used in an os command ('os command injection') in...
High | Unreviewed | CVE-2024-21755 was published Apr 9, 2024
An improper neutralization of special elements used in an os command ('os command injection') in...
Moderate | Unreviewed | CVE-2023-47540 was published Apr 9, 2024
A command injection vulnerability exists in the processAnalyticsReport method from the com.webos...
Critical | Unreviewed | CVE-2023-6318 was published Apr 9, 2024
A command injection vulnerability exists in the com.webos.service.connectionmanager/tv...
Critical | Unreviewed | CVE-2023-6320 was published Apr 9, 2024
A command injection vulnerability exists in the getAudioMetadata method from the com.webos...
Critical | Unreviewed | CVE-2023-6319 was published Apr 9, 2024
A remote attacker with low privileges can perform a command injection which can lead to root...
High | Unreviewed | CVE-2023-1082 was published Apr 9, 2024
Command injection vulnerability in the AccountManager module. Impact: Successful exploitation of...
Unknown | Unreviewed | CVE-2024-30414 was published Apr 7, 2024
A vulnerability was found in Byzro Smart S80 up to 20240328. It has been declared as critical....
Moderate | Unreviewed | CVE-2024-3346 was published Apr 5, 2024
Remote code execution (RCE) vulnerability in Brocade Fabric OS after v9.0 and before v9.2.0 could...
High | Unreviewed | CVE-2023-3454 was published Apr 4, 2024
TP-Link Omada ER605 Access Control Command Injection Remote Code Execution Vulnerability. This...
Moderate | Unreviewed | CVE-2024-1180 was published Apr 3, 2024
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')...
Critical | Unreviewed | CVE-2023-25699 was published Apr 3, 2024
In Flowmon versions prior to 11.1.14 and 12.3.5, an operating system command injection...
Critical | Unreviewed | CVE-2024-2389 was published Apr 2, 2024
Voltronic Power ViewPower Pro getMacAddressByIp Command Injection Remote Code Execution...
Critical | Unreviewed | CVE-2023-51572 was published Apr 2, 2024
Dell vApp Manager, versions prior to 9.2.4.9 contain a Command Injection Vulnerability. An...
High | Unreviewed | CVE-2024-25955 was published Mar 28, 2024
Dell vApp Manager, versions prior to 9.2.4.9 contain a Command Injection Vulnerability. An...
High | Unreviewed | CVE-2024-25946 was published Mar 28, 2024
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')...
Critical | Unreviewed | CVE-2023-6437 was published Mar 28, 2024
Improper Neutralization of Special Elements used in an OS Command vulnerability in NEC...
Unknown | Unreviewed | CVE-2024-28015 was published Mar 28, 2024
A vulnerability classified as critical was found in Ruijie RG-EG350 up to 20240318. Affected by...
High | Unreviewed | CVE-2024-2909 was published Mar 26, 2024
A vulnerability, which was classified as critical, has been found in Ruijie RG-EG350 up to...
Moderate | Unreviewed | CVE-2024-2910 was published Mar 26, 2024
A vulnerability classified as critical has been found in Tenda AC7 15.03.06.44. Affected is the...
Moderate | Unreviewed | CVE-2024-2897 was published Mar 26, 2024
ProTip! Advisories are also available from the GraphQL API.