GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,383
Erlang: 33
GitHub Actions: 22
Go: 2,140
Maven: 5,000+
npm: 3,800
NuGet: 687
pip: 3,478
Pub: 12
RubyGems: 897
Rust: 898
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
867 advisories
An improper neutralization of special elements used in an os command ('os command injection') in...
Critical | Unreviewed | CVE-2024-23108 was published Feb 5, 2024

An improper neutralization of special elements used in an os command ('os command injection') in...
Critical | Unreviewed | CVE-2024-23109 was published Feb 5, 2024

OS command injection vulnerability in command processing or system call components ROS2 (Robot...
Critical | Unreviewed | CVE-2023-51202 was published Jan 31, 2024

An issue discovered in shell command execution in ROS2 (Robot Operating System 2) Foxy Fitzroy,...
Critical | Unreviewed | CVE-2023-51197 was published Jan 31, 2024

TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection...
Critical | Unreviewed | CVE-2024-24330 was published Jan 30, 2024

TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection...
Critical | Unreviewed | CVE-2024-24332 was published Jan 30, 2024

TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection...
Critical | Unreviewed | CVE-2024-24333 was published Jan 30, 2024

TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection...
Critical | Unreviewed | CVE-2024-24327 was published Jan 30, 2024

TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection...
Critical | Unreviewed | CVE-2024-24329 was published Jan 30, 2024

TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection...
Critical | Unreviewed | CVE-2024-24331 was published Jan 30, 2024

TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection...
Critical | Unreviewed | CVE-2024-24328 was published Jan 30, 2024

TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection...
Critical | Unreviewed | CVE-2024-24325 was published Jan 30, 2024

TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection...
Critical | Unreviewed | CVE-2024-24326 was published Jan 30, 2024

An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the status path script...
Critical | Unreviewed | CVE-2023-38323 was published Jan 26, 2024

An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the FAS key entry in the...
Critical | Unreviewed | CVE-2023-38319 was published Jan 26, 2024

An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the network interface name...
Critical | Unreviewed | CVE-2023-38317 was published Jan 26, 2024

An issue was discovered in OpenNDS before 10.1.3. It fails to sanitize the gateway FQDN entry in...
Critical | Unreviewed | CVE-2023-38318 was published Jan 26, 2024

TOTOlink EX1800T V9.1.0cu.2112_B20220316 was discovered to contain a remote command execution ...
Critical | Unreviewed | CVE-2023-52026 was published Jan 12, 2024

TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection...
Critical | Unreviewed | CVE-2024-23058 was published Jan 11, 2024

TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection...
Critical | Unreviewed | CVE-2024-23061 was published Jan 11, 2024

TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection...
Critical | Unreviewed | CVE-2024-23059 was published Jan 11, 2024

TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection...
Critical | Unreviewed | CVE-2024-23060 was published Jan 11, 2024

TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection...
Critical | Unreviewed | CVE-2024-23057 was published Jan 11, 2024

D-Link DIR-822+ V1.0.2 was found to contain a command injection in SetStaticRouteSettings...
Critical | Unreviewed | CVE-2023-51984 was published Jan 11, 2024

TOTOLINK A3300R V17.0.0cu.557_B20221024 was discovered to contain a command injection...
Critical | Unreviewed | CVE-2024-22942 was published Jan 11, 2024

ProTip! Advisories are also available from the GraphQL API.