GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
3,264 advisories
Filter by severity
virtualenv before 20.26.6 allows command injection through the activation scripts for a virtual...
High
Unreviewed
CVE-2024-53899
was published
Nov 24, 2024
An OS Command Injection vulnerability exists within myPRO Manager. A parameter within a command...
Critical
Unreviewed
CVE-2024-52034
was published
Nov 23, 2024
A parameter within a command does not properly validate input within myPRO Manager which could be...
Critical
Unreviewed
CVE-2024-47407
was published
Nov 23, 2024
Visteon Infotainment REFLASH_DDU_ExtractFile Command Injection Remote Code Execution...
Moderate
Unreviewed
CVE-2024-8360
was published
Nov 23, 2024
Visteon Infotainment REFLASH_DDU_FindFile Command Injection Remote Code Execution Vulnerability....
Moderate
Unreviewed
CVE-2024-8359
was published
Nov 23, 2024
Visteon Infotainment UPDATES_ExtractFile Command Injection Remote Code Execution Vulnerability....
Moderate
Unreviewed
CVE-2024-8358
was published
Nov 23, 2024
Cohesive Networks VNS3 Command Injection Remote Code Execution Vulnerability. This vulnerability...
High
Unreviewed
CVE-2024-8809
was published
Nov 22, 2024
Cohesive Networks VNS3 Command Injection Remote Code Execution Vulnerability. This vulnerability...
Critical
Unreviewed
CVE-2024-8806
was published
Nov 22, 2024
Cohesive Networks VNS3 Command Injection Remote Code Execution Vulnerability. This vulnerability...
High
Unreviewed
CVE-2024-8808
was published
Nov 22, 2024
Cohesive Networks VNS3 Command Injection Remote Code Execution Vulnerability. This vulnerability...
Critical
Unreviewed
CVE-2024-8807
was published
Nov 22, 2024
Wyze Cam v3 Wi-Fi SSID OS Command Injection Remote Code Execution Vulnerability. This...
Moderate
Unreviewed
CVE-2024-6247
was published
Nov 22, 2024
Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2024-5719
was published
Nov 22, 2024
Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2024-5717
was published
Nov 22, 2024
Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2024-5720
was published
Nov 22, 2024
D-Link DI-8200 16.07.26A1 is vulnerable to remote command execution in the msp_info_htm function...
Critical
Unreviewed
CVE-2024-51151
was published
Nov 22, 2024
OS command injection vulnerability exists in AIPHONE IX SYSTEM and IXG SYSTEM. A network-adjacent...
High
Unreviewed
CVE-2024-31408
was published
Nov 22, 2024
LLama Factory Remote OS Command Injection Vulnerability
High
CVE-2024-52803
was published
for
llamafactory
(pip)
Nov 21, 2024
Improper neutralization of special elements used in an OS command ('OS Command Injection') issue...
High
Unreviewed
CVE-2024-48895
was published
Nov 20, 2024
A security agent manual scan command injection vulnerability in the Trend Micro Deep Security 20...
High
Unreviewed
CVE-2024-51503
was published
Nov 19, 2024
Qualys discovered that needrestart, before version 3.8, passes unsanitized data to a library ...
High
Unreviewed
CVE-2024-11003
was published
Nov 19, 2024
Harden-Runner has a command injection weaknesses in `setup.ts` and `arc-runner.ts`
Low
CVE-2024-52587
was published
for
step-security/harden-runner
(GitHub Actions)
Nov 18, 2024
A privilege escalation vulnerability in Palo Alto Networks PAN-OS software allows a PAN-OS...
Moderate
Unreviewed
CVE-2024-9474
was published
Nov 18, 2024
A vulnerability in the web UI of Cisco IND could allow an authenticated, remote attacker to...
Critical
Unreviewed
CVE-2023-20036
was published
Nov 15, 2024
A vulnerability in the web management interface of Cisco AsyncOS for Cisco Secure Web...
Moderate
Unreviewed
CVE-2022-20871
was published
Nov 15, 2024
A vulnerability in the implementation of the CLI on a device that is running ConfD could allow an...
High
Unreviewed
CVE-2022-20655
was published
Nov 15, 2024
ProTip!
Advisories are also available from the
GraphQL API