GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,869
Erlang
29
GitHub Actions
16
Go
1,717
Maven
4,951
npm
3,480
NuGet
605
pip
3,026
Pub
10
RubyGems
832
Rust
776
Swift
34
Unreviewed advisories
All unreviewed
5,000+
1,709 advisories
Filter by severity
ASUS routers supporting custom OpenVPN profiles are vulnerable to a code execution vulnerability....
High
Unreviewed
CVE-2024-0401
was published
May 20, 2024
Passbolt Api Remote code execution
High
GHSA-cv5c-2qv5-w2m2
was published
for
passbolt/passbolt_api
(Composer)
May 20, 2024
A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could...
High
Unreviewed
CVE-2024-20326
was published
May 16, 2024
A command injection vulnerability exists in the 'run_xtts_api_server' function of the parisneo...
High
Unreviewed
CVE-2024-3126
was published
May 16, 2024
fuel/core ImageMagick driver does not escape all shell arguments.
High
GHSA-26hp-cgjj-m2j3
was published
for
fuel/core
(Composer)
May 15, 2024
A command injection vulnerability exists in the IOCTL that manages OTA updates. A specially...
High
Unreviewed
CVE-2023-6321
was published
May 15, 2024
OS command injection vulnerabilities in GE HealthCare ultrasound devices
High
Unreviewed
CVE-2024-1628
was published
May 14, 2024
tiagorlampert CHAOS vulnerable to command injections
High
CVE-2024-30850
was published
for
github.com/tiagorlampert/CHAOS
(Go)
Apr 12, 2024
NETGEAR CAX30S SSO Command Injection Remote Code Execution Vulnerability. This vulnerability...
High
Unreviewed
CVE-2022-43654
was published
May 8, 2024
A vulnerability classified as critical has been found in Faraday GM8181 and GM828x up to 20240429...
High
Unreviewed
CVE-2024-4582
was published
May 7, 2024
sagemaker-python-sdk Command Injection vulnerability
High
CVE-2024-34073
was published
for
sagemaker
(pip)
May 3, 2024
IBM Aspera Orchestrator 4.0.1 could allow a remote authenticated attacker to execute arbitrary...
High
Unreviewed
CVE-2023-37407
was published
May 3, 2024
D-Link G416 flupl filename Command Injection Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2023-50207
was published
May 3, 2024
D-Link G416 awsfile rm Command Injection Remote Code Execution Vulnerability. This vulnerability...
High
Unreviewed
CVE-2023-50217
was published
May 3, 2024
D-Link G416 nodered gz File Handling Command Injection Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2023-50215
was published
May 3, 2024
D-Link G416 cfgsave upusb Command Injection Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2023-50201
was published
May 3, 2024
D-Link G416 nodered File Handling Command Injection Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2023-50213
was published
May 3, 2024
D-Link DIR-X3260 SetSysEmailSettings EmailFrom Command Injection Remote Code Execution...
High
Unreviewed
CVE-2023-44422
was published
May 3, 2024
D-Link DIR-X3260 SetSysEmailSettings AccountPassword Command Injection Remote Code Execution...
High
Unreviewed
CVE-2023-44426
was published
May 3, 2024
D-Link G416 nodered chmod Command Injection Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2023-50203
was published
May 3, 2024
D-Link G416 cfgsave Command Injection Remote Code Execution Vulnerability. This vulnerability...
High
Unreviewed
CVE-2023-50198
was published
May 3, 2024
Control Web Panel dns_zone_editor Command Injection Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2023-42120
was published
May 3, 2024
D-Link DAP-1325 HNAP SetAPLanSettings PrimaryDNS Command Injection Remote Code Execution...
High
Unreviewed
CVE-2023-41192
was published
May 3, 2024
D-Link DAP-1325 HNAP SetSetupWizardStatus Enabled Command Injection Remote Code Execution...
High
Unreviewed
CVE-2023-41201
was published
May 3, 2024
Voltronic Power ViewPower USBCommEx shutdown Command Injection Remote Code Execution...
High
Unreviewed
CVE-2023-51585
was published
May 3, 2024
ProTip!
Advisories are also available from the
GraphQL API