Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

2,334 advisories

Loading
An issue in the handler function in /goform/telnet of Tenda FH1201 v1.2.0.14 (408) allows... Critical Unreviewed
CVE-2024-42947 was published Aug 15, 2024
A vulnerability was found in D-Link DI-8100 16.07. It has been classified as critical. This... Moderate Unreviewed
CVE-2024-7833 was published Aug 15, 2024
A command injection issue in Palo Alto Networks Cortex XSOAR CommonScripts Pack allows an... High Unreviewed
CVE-2024-5914 was published Aug 14, 2024
Command Injection in sequenceserver Critical
CVE-2024-42360 was published for sequenceserver (RubyGems) Aug 13, 2024
drpowell tadast
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L,... Moderate Unreviewed
CVE-2024-7715 was published Aug 13, 2024
A command injection flaw was found in the "Host Init Config" template in the Foreman application... Moderate Unreviewed
CVE-2024-7700 was published Aug 12, 2024
A vulnerability was found in Edimax IC-6220DC and IC-5150W up to 3.06. It has been rated as... Moderate Unreviewed
CVE-2024-7616 was published Aug 12, 2024
Multiple OS command injection vulnerabilities affecting Vonets industrial wifi bridge relays... Critical Unreviewed
CVE-2024-37023 was published Aug 12, 2024
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability... High Unreviewed
CVE-2024-21879 was published Aug 12, 2024
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability... Critical Unreviewed
CVE-2024-21878 was published Aug 12, 2024
Zabbix allows to configure SMS notifications. AT command injection occurs on "Zabbix Server"... Low Unreviewed
CVE-2024-22122 was published Aug 12, 2024
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability... High Unreviewed
CVE-2024-21880 was published Aug 12, 2024
Firmware in KAON AR2140 routers prior to version 4.2.16 is vulnerable to a shell command... High Unreviewed
CVE-2024-3659 was published Aug 8, 2024
An issue in Koha ILS 23.05 and before allows a remote attacker to execute arbitrary code via a... Critical Unreviewed
CVE-2024-28739 was published Aug 6, 2024
GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000... Critical Unreviewed
CVE-2024-39226 was published Aug 6, 2024
CasaOS Command Injection vulnerability Critical
CVE-2023-37469 was published for github.com/IceWhaleTech/CasaOS (Go) Aug 5, 2024
Improper filering of special characters result in a command ('command injection') vulnerability... Critical Unreviewed
CVE-2024-7397 was published Aug 5, 2024
A vulnerability, which was classified as critical, has been found in TOTOLINK CP900 6.3c.566.... Moderate Unreviewed
CVE-2024-7464 was published Aug 5, 2024
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as critical has been found in Vivotek... Moderate Unreviewed
CVE-2024-7443 was published Aug 3, 2024
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Vivotek SD9364 VVTK-0103f. It has... Moderate Unreviewed
CVE-2024-7442 was published Aug 3, 2024
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Vivotek CC8160 VVTK-0100d. It has... Moderate Unreviewed
CVE-2024-7440 was published Aug 3, 2024
A vulnerability, which was classified as critical, has been found in D-Link DI-8100 16.07. This... Moderate Unreviewed
CVE-2024-7436 was published Aug 3, 2024
Commands can be injected over the network and executed without authentication. High Unreviewed
CVE-2024-7029 was published Aug 2, 2024
A command injection vulnerability could allow an authenticated user to execute operating system... High Unreviewed
CVE-2022-4002 was published Jul 31, 2024
A vulnerability was found in TOTOLINK LR1200 9.3.1cu.2832 and classified as critical. Affected by... Moderate Unreviewed
CVE-2024-7215 was published Jul 30, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database