Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,383
Erlang
33
GitHub Actions
22
Go
2,140
Maven
5,000+
npm
3,800
NuGet
687
pip
3,478
Pub
12
RubyGems
897
Rust
898
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

867 advisories

Loading
An issue in Infotel Conseil GLPI v.10.X.X and after allows a remote attacker to execute arbitrary... Critical Unreviewed
CVE-2024-31705 was published Apr 29, 2024
A vulnerability, which was classified as critical, has been found in MailCleaner up to 2023.03.14... Critical Unreviewed
CVE-2024-3191 was published Apr 29, 2024
Eclipse Target Management: Terminal and Remote System Explorer (RSE) version <= 4.5.400 has a... Critical Unreviewed
CVE-2024-0740 was published Apr 26, 2024
An OS command injection vulnerability exists in the web interface mac2name functionality of... Critical Unreviewed
CVE-2023-39367 was published Apr 17, 2024
Command injection vulnerability in the operating system. Improper neutralisation of special... Critical Unreviewed
CVE-2024-3781 was published Apr 15, 2024
An OS Command Injection vulnerability exists in the '/open_code_folder' endpoint of the parisneo... Critical Unreviewed
CVE-2024-1520 was published Apr 10, 2024
A command injection vulnerability exists in the getAudioMetadata method from the com.webos... Critical Unreviewed
CVE-2023-6319 was published Apr 9, 2024
A command injection vulnerability exists in the com.webos.service.connectionmanager/tv... Critical Unreviewed
CVE-2023-6320 was published Apr 9, 2024
A command injection vulnerability exists in the processAnalyticsReport method from the com.webos... Critical Unreviewed
CVE-2023-6318 was published Apr 9, 2024
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... Critical Unreviewed
CVE-2023-25699 was published Apr 3, 2024
In Flowmon versions prior to 11.1.14 and 12.3.5, an operating system command injection... Critical Unreviewed
CVE-2024-2389 was published Apr 2, 2024
Voltronic Power ViewPower Pro getMacAddressByIp Command Injection Remote Code Execution... Critical Unreviewed
CVE-2023-51572 was published Apr 2, 2024
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... Critical Unreviewed
CVE-2023-6437 was published Mar 28, 2024
Improper Neutralization of Special Elements used in an OS Command vulnerability in NEC... Critical Unreviewed
CVE-2024-28015 was published Mar 28, 2024
OS command injection vulnerability exists in ffBull ver.4.11, which may allow a remote... Critical Unreviewed
CVE-2024-28048 was published Mar 26, 2024
An OS Command Injection vulnerability affecting documentation server on 3DEXPERIENCE from Release... Critical Unreviewed
CVE-2024-1624 was published Mar 1, 2024
Unauthenticated remote attackers can access the system through the LoadMaster management... Critical Unreviewed
CVE-2024-1212 was published Feb 21, 2024
Loomio version 2.22.0 allows executing arbitrary commands on the server. This is possible... Critical Unreviewed
CVE-2024-1297 was published Feb 20, 2024
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... Critical Unreviewed
CVE-2023-6260 was published Feb 20, 2024
Adobe Commerce versions 2.4.6-p3, 2.4.5-p5, 2.4.4-p6 and earlier are affected by an Improper... Critical Unreviewed
CVE-2024-20720 was published Feb 15, 2024
Dell OS10 Networking Switches running 10.5.2.x and above contain an OS command injection... Critical Unreviewed
CVE-2023-32462 was published Feb 15, 2024
The functionality for synchronization in HGiga OAKlouds' certain moudules has an OS Command... Critical Unreviewed
CVE-2024-26260 was published Feb 15, 2024
An OS command injection vulnerability exists in Akaunting v3.1.3 and earlier. An attacker can... Critical Unreviewed
CVE-2024-22836 was published Feb 8, 2024
Yealink Meeting Server before v26.0.0.66 was discovered to contain an OS command injection... Critical Unreviewed
CVE-2024-24091 was published Feb 8, 2024
An OS command injection vulnerability in Hardy Barth cPH2 eCharge Ladestation v1.87.0 and earlier... Critical Unreviewed
CVE-2023-46359 was published Feb 6, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database