Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,872
Erlang
29
GitHub Actions
16
Go
1,722
Maven
4,951
npm
3,480
NuGet
605
pip
3,039
Pub
10
RubyGems
832
Rust
777
Swift
34
Unreviewed advisories
All unreviewed
5,000+

2,865 advisories

Dell vApp Manager, versions prior to 9.2.4.9 contain a Command Injection Vulnerability. An... High Unreviewed
CVE-2024-25946 was published Mar 28, 2024
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... Critical Unreviewed
CVE-2023-6437 was published Mar 28, 2024
Improper Neutralization of Special Elements used in an OS Command vulnerability in NEC... Unknown Unreviewed
CVE-2024-28015 was published Mar 28, 2024
A vulnerability, which was classified as critical, has been found in Ruijie RG-EG350 up to... Moderate Unreviewed
CVE-2024-2910 was published Mar 26, 2024
A vulnerability classified as critical was found in Ruijie RG-EG350 up to 20240318. Affected by... High Unreviewed
CVE-2024-2909 was published Mar 26, 2024
A vulnerability classified as critical has been found in Tenda AC7 15.03.06.44. Affected is the... Moderate Unreviewed
CVE-2024-2897 was published Mar 26, 2024
ansys-geometry-core OS Command Injection vulnerability High
CVE-2024-29189 was published for ansys-geometry-core (pip) Mar 25, 2024
RobPasMue
Command Injection in the diagnostics interface of the Bosch Network Synchronizer allows... High Unreviewed
CVE-2024-25002 was published Mar 25, 2024
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... High Unreviewed
CVE-2024-24890 was published Mar 25, 2024
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... High Unreviewed
CVE-2024-24899 was published Mar 25, 2024
A vulnerability classified as critical has been found in Tenda AC18 15.03.05.05. Affected is the... Moderate Unreviewed
CVE-2024-2854 was published Mar 24, 2024
A vulnerability was found in Tenda AC10U 15.03.06.48/15.03.06.49. It has been rated as critical.... Moderate Unreviewed
CVE-2024-2853 was published Mar 24, 2024
A vulnerability was found in Tenda AC15 15.03.05.18/15.03.20_multi. It has been classified as... Moderate Unreviewed
CVE-2024-2851 was published Mar 24, 2024
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... High Unreviewed
CVE-2021-33633 was published Mar 23, 2024
An OS command injection vulnerability has been identified in LoadMaster.  An authenticated UI... High Unreviewed
CVE-2024-2448 was published Mar 22, 2024
A vulnerability was found in Tenda AC15 15.03.05.18/15.03.20_multi. It has been classified as... Moderate Unreviewed
CVE-2024-2812 was published Mar 22, 2024
An OS Command Injection vulnerability in Kiloview NDI allows a low-privileged user to execute... High Unreviewed
CVE-2024-2162 was published Mar 21, 2024
A vulnerability has been found in Tenda AC10U 15.03.06.49 and classified as critical. This... Moderate Unreviewed
CVE-2024-2707 was published Mar 20, 2024
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... High Unreviewed
CVE-2023-44092 was published Mar 19, 2024
Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-78: 'OS Command Injection' may... High Unreviewed
CVE-2024-27772 was published Mar 18, 2024
Nuclei allows unsigned code template execution through workflows High
CVE-2024-27920 was published for github.com/projectdiscovery/nuclei/v3 (Go) Mar 15, 2024
Fluid vulnerable to OS Command Injection for Fluid Users with JuicefsRuntime Moderate
CVE-2023-51699 was published for github.com/fluid-cloudnative/fluid (Go) Mar 15, 2024
zhang-x-z
discordrb OS Command Injection vulnerability Critical
CVE-2023-28102 was published for discordrb (RubyGems) Mar 14, 2024
Command injection vulnerability in Movistar 4G router affecting version ES_WLD71-T1_v2.0.201820.... High Unreviewed
CVE-2024-2415 was published Mar 13, 2024
A vulnerability, which was classified as critical, has been found in Totolink X6000R 9.4.0cu... High Unreviewed
CVE-2024-2353 was published Mar 10, 2024
ProTip! Advisories are also available from the GraphQL API