Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,645
Maven
5,000+
npm
4,271
NuGet
760
pip
4,065
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,267 advisories

Loading
An issue was discovered in DTS Monitoring 3.57.0. The parameter url within the WGET check... Critical Unreviewed
CVE-2023-33273 was published Oct 3, 2023
An issue was discovered in DTS Monitoring 3.57.0. The parameter port within the SSL Certificate... Critical Unreviewed
CVE-2023-33268 was published Oct 3, 2023
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2023-43892 was published Oct 3, 2023
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2023-43893 was published Oct 3, 2023
An issue in PGYER codefever v.2023.8.14-2ce4006 allows a remote attacker to execute arbitrary... Critical Unreviewed
CVE-2023-44080 was published Sep 28, 2023
An OS command injection vulnerability has been found on EasyPHP Webserver affecting version 14.1... Critical Unreviewed
CVE-2023-3767 was published Sep 27, 2023
D-LINK DIR-806 1200M11AC wireless router DIR806A1_FW100CNb11 is vulnerable to command injection. Critical Unreviewed
CVE-2023-43130 was published Sep 23, 2023
D-LINK DIR-806 1200M11AC wireless router DIR806A1_FW100CNb11 is vulnerable to command injection... Critical Unreviewed
CVE-2023-43129 was published Sep 23, 2023
Foreman Transpilation Enables OS Command Injection Critical
CVE-2022-3874 was published for foreman (RubyGems) Sep 22, 2023 withdrawn
drewblas MH4GF
hoshinotsuyoshi fesplugas-drms olleolleolle evgeni mrnovalles aramprice
Credited to drewblas, MH4GF, hoshinotsuyoshi, fesplugas-drms, olleolleolle, evgeni, mrnovalles, and aramprice
An arbitrary code execution flaw was found in Foreman. This flaw allows an admin user to bypass... Critical Unreviewed
CVE-2023-0118 was published Sep 20, 2023
Freewill iFIS (aka SMART Trade) 20.01.01.04 allows OS Command Injection via shell metacharacters... Critical Unreviewed
CVE-2023-28614 was published Sep 15, 2023
Magento XML Injection vulnerability in the Widgets Update Layout Critical
CVE-2021-36023 was published for magento/community-edition (Composer) Sep 6, 2023
F-RevoCRM version7.3.7 and version7.3.8 contains an OS command injection vulnerability. If this... Critical Unreviewed
CVE-2023-41149 was published Sep 6, 2023
Command Injection Vulnerability in find-exec Critical
CVE-2023-40582 was published for find-exec (npm) Aug 30, 2023
miguelafmonteiro
Credited to miguelafmonteiro
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_ADD50' contains a command... Critical Unreviewed
CVE-2023-40837 was published Aug 30, 2023
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_ADF3C' contains a command... Critical Unreviewed
CVE-2023-40839 was published Aug 30, 2023
Tenda AC6 US_AC6V1.0BR_V15.03.05.16_multi_TD01.bin function 'sub_3A1D0' contains a command... Critical Unreviewed
CVE-2023-40838 was published Aug 30, 2023
SmartNode SN200 (aka SN200) 3.21.2-23021 allows unauthenticated OS Command Injection. Critical Unreviewed
CVE-2023-41109 was published Aug 28, 2023
SpotCam Co., Ltd. SpotCam Sense’s hidden Telnet function has a vulnerability of OS command... Critical Unreviewed
CVE-2023-38027 was published Aug 28, 2023
SpotCam Co., Ltd. SpotCam FHD 2’s hidden Telnet function has a vulnerability of OS command... Critical Unreviewed
CVE-2023-38025 was published Aug 28, 2023
OS command injection vulnerability in ELECOM wireless LAN routers allows an attacker who can... Critical Unreviewed
CVE-2023-40069 was published Aug 18, 2023
TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection... Critical Unreviewed
CVE-2023-34215 was published Aug 17, 2023
TN-5900 Series firmware versions v3.3 and prior are vulnerable to command-injection vulnerability... Critical Unreviewed
CVE-2023-34213 was published Aug 17, 2023
TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and... Critical Unreviewed
CVE-2023-33238 was published Aug 17, 2023
TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and... Critical Unreviewed
CVE-2023-33239 was published Aug 17, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database