Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,990 advisories

Loading
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain a command injection... Moderate Unreviewed
CVE-2024-32354 was published May 14, 2024
A low privileged remote attacker... Moderate Unreviewed
CVE-2024-28135 was published May 14, 2024
A local attacker with low... High Unreviewed
CVE-2024-28136 was published May 14, 2024
A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V5... High Unreviewed
CVE-2024-31485 was published May 14, 2024
An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows... Moderate Unreviewed
CVE-2024-4712 was published May 14, 2024
A Blind command injection vulnerability in Tenda O3V2 V1.0.0.12 and earlier allows remote... High Unreviewed
CVE-2024-34338 was published May 14, 2024
TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection... Low Unreviewed
CVE-2024-34218 was published May 14, 2024
TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection... Critical Unreviewed
CVE-2024-34204 was published May 14, 2024
TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection... Moderate Unreviewed
CVE-2024-34206 was published May 14, 2024
The issue was addressed with improved memory handling. This issue is fixed in iOS 17.5 and iPadOS... High Unreviewed
CVE-2024-27818 was published May 14, 2024
1Panel arbitrary file write vulnerability Moderate
CVE-2024-34352 was published for github.com/1Panel-dev/1Panel (Go) May 9, 2024
an5er
Credited to an5er
D-Link DIR-845L router v1.01KRb03 and before is vulnerable to Command injection via the hnap_main... Critical Unreviewed
CVE-2024-33112 was published May 6, 2024
D-LINK DIR-845L <=v1.01KRb03 is vulnerable to Information disclosurey via bsc_sms_inbox.php. Moderate Unreviewed
CVE-2024-33113 was published May 6, 2024
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability via the... High Unreviewed
CVE-2024-33788 was published May 6, 2024
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability via the ipurl... Critical Unreviewed
CVE-2024-33789 was published May 3, 2024
Magnet Forensics AXIOM Command Injection Remote Code Execution Vulnerability. This vulnerability... High Unreviewed
CVE-2023-42128 was published May 3, 2024
TP-Link TL-WR841N ated_tp Command Injection Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2023-39471 was published May 3, 2024
Adtran SR400ac ping Command Injection Remote Code Execution Vulnerability. This vulnerability... High Unreviewed
CVE-2023-38120 was published May 3, 2024
TRENDnet TEW-815DAP 1.0.2.0 is vulnerable to Command Injection via the do_setNTP function. An... Moderate Unreviewed
CVE-2024-22546 was published Apr 30, 2024
CRI-O vulnerable to an arbitrary systemd property injection High
CVE-2024-3154 was published for github.com/cri-o/cri-o (Go) Apr 30, 2024
AkihiroSuda cclerget
Credited to AkihiroSuda and cclerget
dcnnt-py is vulnerable to command injection via Notification Handler Moderate
CVE-2023-1000 was published for dcnnt (pip) Apr 27, 2024
D-Link DIR-822+ V1.0.5 was found to contain a command injection in SetPlcNetworkpwd function of... High Unreviewed
CVE-2024-33342 was published Apr 26, 2024
D-Link DIR-822+ V1.0.5 was found to contain a command injection in ftext function of... Critical Unreviewed
CVE-2024-33344 was published Apr 26, 2024
An OS command injection vulnerability has been reported to affect several QNAP operating system... Critical Unreviewed
CVE-2024-32766 was published Apr 26, 2024
CSV Injection vulnerability in the Asus RT-N12+ router allows administrator users to inject... Moderate Unreviewed
CVE-2024-28328 was published Apr 26, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database