GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,071 advisories
ruby-saml vulnerable to XPath injection
Critical | CVE-2015-20108 was published for ruby-saml (RubyGems) May 27, 2023

An issue was discovered in KaiOS 3.0 before 3.1. The /system/bin/tctweb_server binary exposes a...
Critical | Unreviewed | CVE-2023-33294 was published May 22, 2023

TOTOLINK A3300R v17.0.0cu.557 is vulnerable to Command Injection.
Critical | Unreviewed | CVE-2023-31729 was published May 18, 2023

A command injection vulnerability in the hostTime parameter in the function NTPSyncWithHost of...
Critical | Unreviewed | CVE-2023-31856 was published May 16, 2023

A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NS_v4 allows...
Critical | Unreviewed | CVE-2023-31986 was published May 15, 2023

A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NS_v4 allows...
Critical | Unreviewed | CVE-2023-31983 was published May 12, 2023

A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NS_v4 allows...
Critical | Unreviewed | CVE-2023-31985 was published May 12, 2023

Not all valid JavaScript whitespace characters are considered to be whitespace. Templates...
Critical | Unreviewed | CVE-2023-24540 was published May 11, 2023

Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability...
Critical | Unreviewed | CVE-2022-29842 was published May 10, 2023

Shenzhen Tenda Technology IP Camera CP3 V11.10.00.2211041355 allows unauthenticated remote code...
Critical | Unreviewed | CVE-2023-30353 was published May 10, 2023

A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). The web based...
Critical | Unreviewed | CVE-2023-27407 was published May 9, 2023

Tenda AC18 v15.03.05.19(6318_)_cn was discovered to contain a command injection vulnerability via...
Critical | Unreviewed | CVE-2023-30135 was published May 5, 2023

Remote code execution in dawnsparks-node-tesseract
Critical | CVE-2023-29566 was published for dawnsparks-node-tesseract (npm) Apr 24, 2023

rails-routes-to-json v1.0.0 was discovered to contain a remote code execution (RCE) vulnerability...
Critical | Unreviewed | CVE-2023-27849 was published Apr 24, 2023

Remote code execution in broccoli-compass
Critical | CVE-2023-27848 was published for broccoli-compass (npm) Apr 24, 2023

Nanoleaf Desktop App before v1.3.1 was discovered to contain a command injection vulnerability...
Critical | Unreviewed | CVE-2022-46640 was published Apr 18, 2023

TOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain a command injection vulnerability...
Critical | Unreviewed | CVE-2023-29800 was published Apr 14, 2023

TOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain multiple command injection...
Critical | Unreviewed | CVE-2023-29801 was published Apr 14, 2023

TOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain a command injection vulnerability...
Critical | Unreviewed | CVE-2023-29798 was published Apr 14, 2023

TOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain a command injection vulnerability...
Critical | Unreviewed | CVE-2023-29803 was published Apr 14, 2023

TOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain a command injection vulnerability...
Critical | Unreviewed | CVE-2023-29802 was published Apr 14, 2023

TOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain a command injection vulnerability...
Critical | Unreviewed | CVE-2023-29799 was published Apr 14, 2023

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection...
Critical | Unreviewed | CVE-2023-26978 was published Apr 7, 2023

TOTOlink A7100RU(V7.4cu.2313_B20191024) was discovered to contain a command injection...
Critical | Unreviewed | CVE-2023-26848 was published Apr 7, 2023

inventory in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Manager Platform 10 R1 before...
Critical | Unreviewed | CVE-2023-29474 was published Apr 7, 2023