GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,605
Erlang
29
GitHub Actions
16
Go
1,695
Maven
4,936
npm
3,466
NuGet
601
pip
2,971
Pub
10
RubyGems
825
Rust
767
Swift
34
Unreviewed advisories
All unreviewed
5,000+
862 advisories
Filter by severity
IBM Security Guardium 11.3, 11.4, 11.5, and 12.0 could allow a remote authenticated attacker to...
Critical
Unreviewed
CVE-2023-47709
was published
May 14, 2024
LG Simple Editor createThumbnailByMovie Command Injection Remote Code Execution Vulnerability....
Critical
Unreviewed
CVE-2023-40505
was published
May 3, 2024
LG Simple Editor readVideoInfo Command Injection Remote Code Execution Vulnerability. This...
Critical
Unreviewed
CVE-2023-40504
was published
May 3, 2024
A vulnerability, which was classified as critical, has been found in MailCleaner up to 2023.03.14...
Critical
Unreviewed
CVE-2024-3191
was published
Apr 29, 2024
Eclipse Target Management: Terminal and Remote System Explorer (RSE) version <= 4.5.400 has a...
Critical
Unreviewed
CVE-2024-0740
was published
Apr 26, 2024
An OS command injection vulnerability exists in the web interface mac2name functionality of...
Critical
Unreviewed
CVE-2023-39367
was published
Apr 17, 2024
Command injection vulnerability in the operating system. Improper neutralisation of special...
Critical
Unreviewed
CVE-2024-3781
was published
Apr 15, 2024
LocalAI Command Injection in audioToWav
Critical
CVE-2024-2029
was published
for
github.com/go-skynet/LocalAI
(Go)
Apr 10, 2024
An OS Command Injection vulnerability exists in the '/open_code_folder' endpoint of the parisneo...
Critical
Unreviewed
CVE-2024-1520
was published
Apr 10, 2024
A command injection vulnerability exists in the getAudioMetadata method from the com.webos...
Critical
Unreviewed
CVE-2023-6319
was published
Apr 9, 2024
A command injection vulnerability exists in the processAnalyticsReport method from the com.webos...
Critical
Unreviewed
CVE-2023-6318
was published
Apr 9, 2024
A command injection vulnerability exists in the com.webos.service.connectionmanager/tv...
Critical
Unreviewed
CVE-2023-6320
was published
Apr 9, 2024
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')...
Critical
Unreviewed
CVE-2023-25699
was published
Apr 3, 2024
In Flowmon versions prior to 11.1.14 and 12.3.5, an operating system command injection...
Critical
Unreviewed
CVE-2024-2389
was published
Apr 2, 2024
Voltronic Power ViewPower Pro getMacAddressByIp Command Injection Remote Code Execution...
Critical
Unreviewed
CVE-2023-51572
was published
Apr 2, 2024
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')...
Critical
Unreviewed
CVE-2023-6437
was published
Mar 28, 2024
discordrb OS Command Injection vulnerability
Critical
CVE-2023-28102
was published
for
discordrb
(RubyGems)
Mar 14, 2024
PaddlePaddle command injection in paddle.utils.download._wget_download
Critical
CVE-2024-0815
was published
for
paddlepaddle
(pip)
Mar 7, 2024
An OS Command Injection vulnerability affecting documentation server on 3DEXPERIENCE from Release...
Critical
Unreviewed
CVE-2024-1624
was published
Mar 1, 2024
Unauthenticated remote attackers can access the system through the LoadMaster management...
Critical
Unreviewed
CVE-2024-1212
was published
Feb 21, 2024
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')...
Critical
Unreviewed
CVE-2023-6260
was published
Feb 20, 2024
Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by an Improper...
Critical
Unreviewed
CVE-2024-20720
was published
Feb 15, 2024
The functionality for synchronization in HGiga OAKlouds' certain moudules has an OS Command...
Critical
Unreviewed
CVE-2024-26260
was published
Feb 15, 2024
An OS command injection vulnerability exists in Akaunting v3.1.3 and earlier. An attacker can...
Critical
Unreviewed
CVE-2024-22836
was published
Feb 8, 2024
An OS command injection vulnerability in Hardy Barth cPH2 eCharge Ladestation v1.87.0 and earlier...
Critical
Unreviewed
CVE-2023-46359
was published
Feb 6, 2024
ProTip!
Advisories are also available from the
GraphQL API