GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,872
Erlang
29
GitHub Actions
16
Go
1,722
Maven
4,951
npm
3,480
NuGet
605
pip
3,039
Pub
10
RubyGems
832
Rust
777
Swift
34
Unreviewed advisories
All unreviewed
5,000+
2,865 advisories
Filter by severity
Dell vApp Manager, versions prior to 9.2.4.9 contain a Command Injection Vulnerability. An...
High
Unreviewed
CVE-2024-25946
was published
Mar 28, 2024
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')...
Critical
Unreviewed
CVE-2023-6437
was published
Mar 28, 2024
Improper Neutralization of Special Elements used in an OS Command vulnerability in NEC...
Unknown
Unreviewed
CVE-2024-28015
was published
Mar 28, 2024
A vulnerability, which was classified as critical, has been found in Ruijie RG-EG350 up to...
Moderate
Unreviewed
CVE-2024-2910
was published
Mar 26, 2024
A vulnerability classified as critical was found in Ruijie RG-EG350 up to 20240318. Affected by...
High
Unreviewed
CVE-2024-2909
was published
Mar 26, 2024
A vulnerability classified as critical has been found in Tenda AC7 15.03.06.44. Affected is the...
Moderate
Unreviewed
CVE-2024-2897
was published
Mar 26, 2024
ansys-geometry-core OS Command Injection vulnerability
High
CVE-2024-29189
was published
for
ansys-geometry-core
(pip)
Mar 25, 2024
Command Injection in the diagnostics interface of the Bosch Network Synchronizer allows...
High
Unreviewed
CVE-2024-25002
was published
Mar 25, 2024
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')...
High
Unreviewed
CVE-2024-24890
was published
Mar 25, 2024
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')...
High
Unreviewed
CVE-2024-24899
was published
Mar 25, 2024
A vulnerability classified as critical has been found in Tenda AC18 15.03.05.05. Affected is the...
Moderate
Unreviewed
CVE-2024-2854
was published
Mar 24, 2024
A vulnerability was found in Tenda AC10U 15.03.06.48/15.03.06.49. It has been rated as critical....
Moderate
Unreviewed
CVE-2024-2853
was published
Mar 24, 2024
A vulnerability was found in Tenda AC15 15.03.05.18/15.03.20_multi. It has been classified as...
Moderate
Unreviewed
CVE-2024-2851
was published
Mar 24, 2024
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')...
High
Unreviewed
CVE-2021-33633
was published
Mar 23, 2024
An OS command injection vulnerability has been identified in LoadMaster. An authenticated UI...
High
Unreviewed
CVE-2024-2448
was published
Mar 22, 2024
A vulnerability was found in Tenda AC15 15.03.05.18/15.03.20_multi. It has been classified as...
Moderate
Unreviewed
CVE-2024-2812
was published
Mar 22, 2024
An OS Command Injection vulnerability in Kiloview NDI allows a low-privileged user to execute...
High
Unreviewed
CVE-2024-2162
was published
Mar 21, 2024
A vulnerability has been found in Tenda AC10U 15.03.06.49 and classified as critical. This...
Moderate
Unreviewed
CVE-2024-2707
was published
Mar 20, 2024
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')...
High
Unreviewed
CVE-2023-44092
was published
Mar 19, 2024
Unitronics Unistream Unilogic – Versions prior to 1.35.227 -
CWE-78: 'OS Command Injection' may...
High
Unreviewed
CVE-2024-27772
was published
Mar 18, 2024
Nuclei allows unsigned code template execution through workflows
High
CVE-2024-27920
was published
for
github.com/projectdiscovery/nuclei/v3
(Go)
Mar 15, 2024
Fluid vulnerable to OS Command Injection for Fluid Users with JuicefsRuntime
Moderate
CVE-2023-51699
was published
for
github.com/fluid-cloudnative/fluid
(Go)
Mar 15, 2024
discordrb OS Command Injection vulnerability
Critical
CVE-2023-28102
was published
for
discordrb
(RubyGems)
Mar 14, 2024
Command injection vulnerability in Movistar 4G router affecting version ES_WLD71-T1_v2.0.201820....
High
Unreviewed
CVE-2024-2415
was published
Mar 13, 2024
A vulnerability, which was classified as critical, has been found in Totolink X6000R 9.4.0cu...
High
Unreviewed
CVE-2024-2353
was published
Mar 10, 2024
ProTip!
Advisories are also available from the
GraphQL API