GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
3,264 advisories
Filter by severity
A vulnerability in the web-based management interface and in the API subsystem of Cisco ...
Moderate
Unreviewed
CVE-2022-20652
was published
Nov 15, 2024
LibreNMS has an Authenticated OS Command Injection
Critical
CVE-2024-51092
was published
for
librenms/librenms
(Composer)
Nov 15, 2024
Certain EOL GeoVision devices have an OS Command Injection vulnerability. Unauthenticated remote...
Critical
Unreviewed
CVE-2024-11120
was published
Nov 15, 2024
A Python command injection vulnerability exists in the `SagemakerLLM` class's `complete()` method...
Critical
Unreviewed
CVE-2024-4343
was published
Nov 14, 2024
Multiple improper neutralization of special elements used in an OS command ('OS Command Injection...
Moderate
Unreviewed
CVE-2024-32118
was published
Nov 12, 2024
Zoraxy has an authenticated command injection in the Web SSH feature
High
CVE-2024-52010
was published
for
github.com/tobychui/zoraxy
(Go)
Nov 12, 2024
Command injection in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure...
Critical
Unreviewed
CVE-2024-11005
was published
Nov 12, 2024
Command injection in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure...
Critical
Unreviewed
CVE-2024-11006
was published
Nov 12, 2024
Command injection in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure...
Critical
Unreviewed
CVE-2024-11007
was published
Nov 12, 2024
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected...
Critical
Unreviewed
CVE-2024-46890
was published
Nov 12, 2024
Improper neutralization of special elements used in an OS command ('OS Command Injection') issue...
High
Unreviewed
CVE-2024-45827
was published
Nov 12, 2024
A post-authentication command injection vulnerability in the CGI program in the Zyxel GS1900-48...
Moderate
Unreviewed
CVE-2024-8881
was published
Nov 12, 2024
EnGenius EWS356-FIT devices through 1.1.30 allow blind OS command injection. This allows an...
Critical
Unreviewed
CVE-2024-36061
was published
Nov 11, 2024
The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers...
High
Unreviewed
CVE-2024-11064
was published
Nov 11, 2024
The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers...
High
Unreviewed
CVE-2024-11065
was published
Nov 11, 2024
The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers...
High
Unreviewed
CVE-2024-11063
was published
Nov 11, 2024
The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers...
High
Unreviewed
CVE-2024-11066
was published
Nov 11, 2024
The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers...
High
Unreviewed
CVE-2024-11062
was published
Nov 11, 2024
Wi-Fi Alliance wfa_dut (in Wi-Fi Test Suite) through 9.0.0 allows OS command injection via 802...
High
Unreviewed
CVE-2024-41992
was published
Nov 11, 2024
The theme.php file in SDCMS 2.8 has a command execution vulnerability that allows for the...
High
Unreviewed
CVE-2024-50809
was published
Nov 8, 2024
Dell Enterprise SONiC OS, version(s) 4.1.x, 4.2.x, contain(s) an Improper Neutralization of...
Critical
Unreviewed
CVE-2024-45765
was published
Nov 8, 2024
Dell Enterprise SONiC OS, version(s) 4.1.x, 4.2.x, contain(s) an Improper Neutralization of...
Critical
Unreviewed
CVE-2024-45763
was published
Nov 8, 2024
The pwrstudio web application of EV Charger (in the server in Circontrol Raption through 5.6.2)...
Critical
Unreviewed
CVE-2020-8007
was published
Nov 8, 2024
An issue was discovered in Logpoint before 7.5.0. Unvalidated input during the EventHub Collector...
Moderate
Unreviewed
CVE-2024-48954
was published
Nov 7, 2024
A vulnerability has been found in didi Super-Jacoco 1.0 and classified as critical. Affected by...
Moderate
Unreviewed
CVE-2024-10919
was published
Nov 6, 2024
ProTip!
Advisories are also available from the
GraphQL API