Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,062
Erlang
29
GitHub Actions
19
Go
1,889
Maven
5,000+
npm
3,622
NuGet
638
pip
3,233
Pub
10
RubyGems
857
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,202 advisories

Loading
Tenda FH451 v1.0.0.9 has a command injection vulnerability in the formexeCommand function i High Unreviewed
CVE-2024-46048 was published Sep 13, 2024
An issue has been discovered in GitLab EE affecting all versions starting from 16.11 prior to 17... High Unreviewed
CVE-2024-8640 was published Sep 12, 2024
CVE-2024-45824 IMPACT A remote code vulnerability exists in the affected products. The... Critical Unreviewed
CVE-2024-45824 was published Sep 12, 2024
RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a command injection vulnerability via the... High Unreviewed
CVE-2024-44574 was published Sep 11, 2024
RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a command injection vulnerability via the... High Unreviewed
CVE-2024-44577 was published Sep 11, 2024
RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a command injection vulnerability via the... High Unreviewed
CVE-2024-44572 was published Sep 11, 2024
RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a code injection vulnerability via the... High Unreviewed
CVE-2024-44570 was published Sep 11, 2024
COMFAST CF-XR11 V2.7.2 has a command injection vulnerability in function sub_424CB4. Attackers... Critical Unreviewed
CVE-2024-44466 was published Sep 11, 2024
Microsoft SharePoint Server Remote Code Execution Vulnerability High Unreviewed
CVE-2024-38228 was published Sep 10, 2024
Microsoft SharePoint Server Remote Code Execution Vulnerability High Unreviewed
CVE-2024-38227 was published Sep 10, 2024
Command Injection vulnerability in goform/SetIPTVCfg interface of Tenda AC15 V15.03.05.20 allows... High Unreviewed
CVE-2023-36103 was published Sep 10, 2024
An improper neutralization of special elements used in a command ('Command Injection')... High Unreviewed
CVE-2024-33508 was published Sep 10, 2024
Dell ThinOS versions 2402 and 2405, contains an Improper Neutralization of Special Elements used... High Unreviewed
CVE-2024-42427 was published Sep 10, 2024
D-Link DI-8300 v16.07.26A1 is vulnerable to command injection via the upgrade_filter_asp function. Critical Unreviewed
CVE-2024-44410 was published Sep 9, 2024
D-Link DI-7003GV2 v24.04.18D1, DI-7100G+V2 v24.04.18D1, DI-7100GV2 v24.04.18D1, DI-7200GV2 v24.04... High Unreviewed
CVE-2024-44334 was published Sep 9, 2024
D-Link DI-7003G v19.12.24A1, DI-7003GV2 v24.04.18D1, DI-7100G+V2 v24.04.18D1, DI-7100GV2 v24.04... High Unreviewed
CVE-2024-44335 was published Sep 9, 2024
Bypass incomplete fix of CVE-2024-27980, that arises from improper handling of batch files with... High Unreviewed
CVE-2024-36138 was published Sep 7, 2024
DrayTek Vigor3900 v1.5.1.6 was discovered to contain an authenticated command injection... High Unreviewed
CVE-2024-44844 was published Sep 6, 2024
DrayTek Vigor3900 v1.5.1.6 was discovered to contain an authenticated command injection... High Unreviewed
CVE-2024-44845 was published Sep 6, 2024
An OS command injection vulnerability has been reported to affect several QNAP operating system... High Unreviewed
CVE-2024-38641 was published Sep 6, 2024
An OS command injection vulnerability has been reported to affect Video Station. If exploited,... High Unreviewed
CVE-2023-47563 was published Sep 6, 2024
An OS command injection vulnerability has been reported to affect several QNAP operating system... Moderate Unreviewed
CVE-2024-21903 was published Sep 6, 2024
D-Link DI-8100G 17.12.20A1 is vulnerable to Command Injection via msp_info.htm. Critical Unreviewed
CVE-2024-44402 was published Sep 6, 2024
D-Link DI-8100G 17.12.20A1 is vulnerable to Command Injection via sub47A60C function in the... Critical Unreviewed
CVE-2024-44401 was published Sep 6, 2024
Dell SmartFabric OS10 Software, version(s) 10.5.5.4 through 10.5.5.10 and 10.5.6.x , contain(s)... High Unreviewed
CVE-2024-38486 was published Sep 6, 2024
ProTip! Advisories are also available from the GraphQL API