GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,250
Composer 4,350
Erlang 31
GitHub Actions 22
Go 2,119
Maven 5,292
npm 3,778
NuGet 680
pip 3,459
Pub 12
RubyGems 892
Rust 888
Swift 38

Unreviewed advisories

All unreviewed 243,721

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,021 advisories

Filter by severity

Sort by

Least recently updated

The web services of Softnext's products, Mail SQR Expert and Mail Archiving Expert do not... Critical Unreviewed

CVE-2024-5670 was published Jul 29, 2024

Tenda FH1201 v1.2.0.14 was discovered to contain a command injection vulnerability via the... Critical Unreviewed

CVE-2024-41468 was published Jul 26, 2024

FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. allow a... Critical Unreviewed

CVE-2024-36491 was published Jul 17, 2024

An issue was found on the Ruijie EG-2000 series gateway. There is a newcli.php API interface... Critical Unreviewed

CVE-2019-16639 was published Jul 16, 2024

An high privileged remote attacker can enable telnet access that accepts hardcoded credentials. Critical Unreviewed

CVE-2024-28751 was published Jul 9, 2024

A command injection vulnerability exists in the mudler/localai version 2.14.0. The vulnerability... Critical Unreviewed

CVE-2024-5181 was published Jun 26, 2024

Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability... Critical Unreviewed

CVE-2024-37091 was published Jun 24, 2024

Openfind's MailGates and MailAudit fail to properly filter user input when analyzing email... Critical Unreviewed

CVE-2024-6048 was published Jun 17, 2024

Certain EOL GeoVision devices fail to properly filter user input for the specific functionality.... Critical Unreviewed

CVE-2024-6047 was published Jun 17, 2024

SECOM WRTR-304GN-304TW-UPSC V02(unsupported-when-assigned) does not properly filter user input in... Critical Unreviewed

CVE-2024-6046 was published Jun 17, 2024

Remote Command program allows an attacker to get Remote Code Execution. As for the affected... Critical Unreviewed

CVE-2024-27172 was published Jun 14, 2024

In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache... Critical Unreviewed

CVE-2024-4577 was published Jun 9, 2024

A vulnerability in the parisneo/lollms-webui version 9.3 allows attackers to bypass intended... Critical Unreviewed

CVE-2024-2359 was published Jun 6, 2024

A remote code execution vulnerability exists in mintplex-labs/anything-llm due to improper... Critical Unreviewed

CVE-2024-3104 was published Jun 6, 2024

SysAid - CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command... Critical Unreviewed

CVE-2024-36394 was published Jun 6, 2024

** UNSUPPORTED WHEN ASSIGNED ** The command injection vulnerability in the “setCookie” parameter... Critical Unreviewed

CVE-2024-29973 was published Jun 4, 2024

** UNSUPPORTED WHEN ASSIGNED ** The command injection vulnerability in the CGI program ... Critical Unreviewed

CVE-2024-29972 was published Jun 4, 2024

Improper neutralization of special elements used in a command ('Command Injection') exists in... Critical Unreviewed

CVE-2024-32850 was published May 31, 2024

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... Critical Unreviewed

CVE-2023-3939 was published May 21, 2024

Dreamweaver Desktop versions 21.3 and earlier are affected by an Improper Neutralization of... Critical Unreviewed

CVE-2024-30314 was published May 16, 2024

There is a command injection vulnerability in the underlying Central Communications service that... Critical Unreviewed

CVE-2024-31471 was published May 15, 2024

There are command injection vulnerabilities in the underlying Soft AP Daemon service that could... Critical Unreviewed

CVE-2024-31472 was published May 15, 2024

IBM Security Guardium 11.3, 11.4, 11.5, and 12.0 could allow a remote authenticated attacker to... Critical Unreviewed

CVE-2023-47709 was published May 14, 2024

tiagorlampert CHAOS vulnerable to arbitrary code execution Critical

CVE-2024-33434 was published for github.com/tiagorlampert/CHAOS (Go) May 7, 2024

D-Link DIR-845L router v1.01KRb03 and before is vulnerable to Command injection via the hnap_main... Critical Unreviewed

CVE-2024-33112 was published May 6, 2024

Previous 1 2 3 4 5 6 7 … 40 41 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,021 advisories