GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,377
Composer 4,373
Erlang 33
GitHub Actions 22
Go 2,139
Maven 5,314
npm 3,799
NuGet 687
pip 3,478
Pub 12
RubyGems 896
Rust 898
Swift 38

Unreviewed advisories

All unreviewed 245,481

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

866 advisories

Filter by severity

Sort by

Least recently updated

FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. allow a... Critical Unreviewed

CVE-2024-36491 was published Jul 17, 2024

An issue was found on the Ruijie EG-2000 series gateway. There is a newcli.php API interface... Critical Unreviewed

CVE-2019-16639 was published Jul 16, 2024

An high privileged remote attacker can enable telnet access that accepts hardcoded credentials. Critical Unreviewed

CVE-2024-28751 was published Jul 9, 2024

A command injection vulnerability exists in the mudler/localai version 2.14.0. The vulnerability... Critical Unreviewed

CVE-2024-5181 was published Jun 26, 2024

Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability... Critical Unreviewed

CVE-2024-37091 was published Jun 24, 2024

Openfind's MailGates and MailAudit fail to properly filter user input when analyzing email... Critical Unreviewed

CVE-2024-6048 was published Jun 17, 2024

Certain EOL GeoVision devices fail to properly filter user input for the specific functionality.... Critical Unreviewed

CVE-2024-6047 was published Jun 17, 2024

SECOM WRTR-304GN-304TW-UPSC V02(unsupported-when-assigned) does not properly filter user input in... Critical Unreviewed

CVE-2024-6046 was published Jun 17, 2024

Remote Command program allows an attacker to get Remote Code Execution. As for the affected... Critical Unreviewed

CVE-2024-27172 was published Jun 14, 2024

In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache... Critical Unreviewed

CVE-2024-4577 was published Jun 9, 2024

A vulnerability in the parisneo/lollms-webui version 9.3 allows attackers to bypass intended... Critical Unreviewed

CVE-2024-2359 was published Jun 6, 2024

A remote code execution vulnerability exists in mintplex-labs/anything-llm due to improper... Critical Unreviewed

CVE-2024-3104 was published Jun 6, 2024

SysAid - CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command... Critical Unreviewed

CVE-2024-36394 was published Jun 6, 2024

** UNSUPPORTED WHEN ASSIGNED ** The command injection vulnerability in the CGI program ... Critical Unreviewed

CVE-2024-29972 was published Jun 4, 2024

** UNSUPPORTED WHEN ASSIGNED ** The command injection vulnerability in the “setCookie” parameter... Critical Unreviewed

CVE-2024-29973 was published Jun 4, 2024

Improper neutralization of special elements used in a command ('Command Injection') exists in... Critical Unreviewed

CVE-2024-32850 was published May 31, 2024

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... Critical Unreviewed

CVE-2023-3939 was published May 21, 2024

Dreamweaver Desktop versions 21.3 and earlier are affected by an Improper Neutralization of... Critical Unreviewed

CVE-2024-30314 was published May 16, 2024

There is a command injection vulnerability in the underlying Central Communications service that... Critical Unreviewed

CVE-2024-31471 was published May 15, 2024

There are command injection vulnerabilities in the underlying Soft AP Daemon service that could... Critical Unreviewed

CVE-2024-31472 was published May 15, 2024

IBM Security Guardium 11.3, 11.4, 11.5, and 12.0 could allow a remote authenticated attacker to... Critical Unreviewed

CVE-2023-47709 was published May 14, 2024

D-Link DIR-845L router v1.01KRb03 and before is vulnerable to Command injection via the hnap_main... Critical Unreviewed

CVE-2024-33112 was published May 6, 2024

LG Simple Editor createThumbnailByMovie Command Injection Remote Code Execution Vulnerability.... Critical Unreviewed

CVE-2023-40505 was published May 3, 2024

LG Simple Editor readVideoInfo Command Injection Remote Code Execution Vulnerability. This... Critical Unreviewed

CVE-2023-40504 was published May 3, 2024

An issue in Infotel Conseil GLPI v.10.X.X and after allows a remote attacker to execute arbitrary... Critical Unreviewed

CVE-2024-31705 was published Apr 29, 2024

Previous 1 2 3 4 5 6 7 … 34 35 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

866 advisories