GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,878
Composer 4,266
Erlang 31
GitHub Actions 21
Go 2,035
Maven 5,219
npm 3,732
NuGet 662
pip 3,413
Pub 12
RubyGems 891
Rust 865
Swift 36

Unreviewed advisories

All unreviewed 237,755

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,824 advisories

Filter by severity

Sort by

Least recently updated

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... High Unreviewed

CVE-2024-52058 was published Dec 13, 2024

KioWare for Windows through v8.33 was discovered to contain an incomplete blacklist filter for... High Unreviewed

CVE-2023-34642 was published Jun 19, 2023

An unauthenticated attacker with network access to the affected device's web interface can... High Unreviewed

CVE-2024-28138 was published Dec 10, 2024

An authenticated Remote Code Execution (RCE) vulnerability exists in the AirWave CLI. Successful... High Unreviewed

CVE-2024-54008 was published Dec 10, 2024

IBM AIX 7.2, 7.3 and VIOS 3.1 and 4.1 could allow a local user to execute arbitrary commands on... High Unreviewed

CVE-2024-47115 was published Dec 7, 2024

A command injection vulnerability has been reported to affect several QNAP operating system... High Unreviewed

CVE-2024-50393 was published Dec 6, 2024

A command injection vulnerability has been reported to affect License Center. If exploited, the... High Unreviewed

CVE-2024-48863 was published Dec 6, 2024

UD-LT1 firmware Ver.2.1.8 and earlier and UD-LT1/EX firmware Ver.2.1.8 and earlier allow a remote... High Unreviewed

CVE-2024-47133 was published Dec 5, 2024

Improper neutralization of special elements in WL-WN531AX2 firmware versions prior to 2023526... High Unreviewed

CVE-2023-32622 was published Jun 30, 2023

IBM App Connect Enterprise Certified Container 11.4, 11.5, 11.6, 12.0, 12.1, 12.2, and 12.3 could... High Unreviewed

CVE-2024-51465 was published Dec 4, 2024

Authenticated remote code execution (RCE) vulnerabilities affect TP-Link Archer, Deco, and Tapo... High Unreviewed

CVE-2024-53375 was published Dec 3, 2024

An issue was discovered in Victure RX1800 WiFi 6 Router (software EN_V1.0.0_r12_110933, hardware... High Unreviewed

CVE-2024-53940 was published Dec 3, 2024

An issue was discovered in Victure RX1800 WiFi 6 Router (software EN_V1.0.0_r12_110933, hardware... High Unreviewed

CVE-2024-53939 was published Dec 3, 2024

A reachable assertion in the ogs_nas_emm_decode function of Open5GS v2.7.0 allows attackers to... High Unreviewed

CVE-2024-24431 was published Nov 15, 2024

An arbitrary file download vulnerability in the component /Doc/DownloadFile of NUS-M9 ERP... High Unreviewed

CVE-2024-44759 was published Nov 15, 2024

Qualys discovered that needrestart, before version 3.8, passes unsanitized data to a library ... High Unreviewed

CVE-2024-11003 was published Nov 19, 2024

A post-authentication command injection vulnerability in the "host" parameter of the diagnostic... High Unreviewed

CVE-2024-9200 was published Dec 3, 2024

EnGenius EWS356-FIR 1.1.30 and earlier devices allow a remote attacker to execute arbitrary OS... High Unreviewed

CVE-2024-31976 was published Nov 27, 2024

Certain models of routers from Billion Electric has an OS Command Injection vulnerability,... High Unreviewed

CVE-2024-11983 was published Nov 29, 2024

An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518... High Unreviewed

CVE-2024-8190 was published Sep 10, 2024

virtualenv before 20.26.6 allows command injection through the activation scripts for a virtual... High Unreviewed

CVE-2024-53899 was published Nov 24, 2024

The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for... High Unreviewed

CVE-2024-9461 was published Nov 26, 2024

A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command... High Unreviewed

CVE-2024-50368 was published Nov 26, 2024

A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command... High Unreviewed

CVE-2024-50361 was published Nov 26, 2024

A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command... High Unreviewed

CVE-2024-50366 was published Nov 26, 2024

Previous 1 2 3 4 5 … 72 73 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,824 advisories