GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
3,263 advisories
A command injection vulnerability in the IPSec VPN feature of Zyxel ATP series firmware versions...
High | Unreviewed | CVE-2024-42057 was published Sep 3, 2024

The improper neutralization of special elements in the parameter "host" in the CGI program of...
Critical | Unreviewed | CVE-2024-7261 was published Sep 3, 2024

A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from...
High | Unreviewed | CVE-2024-7203 was published Sep 3, 2024

Nuclei Template Signature Verification Bypass
Moderate | CVE-2024-43405 was published for github.com/projectdiscovery/nuclei/v3 (Go) Sep 4, 2024

A vulnerability in specific CLI commands in Cisco Identity Services Engine (ISE) could allow an...
Moderate | Unreviewed | CVE-2024-20469 was published Sep 4, 2024

Improper Input Validation vulnerability in Progress LoadMaster allows OS Command Injection. This...
Critical | Unreviewed | CVE-2024-7591 was published Sep 5, 2024

An OS command injection vulnerability has been reported to affect several QNAP operating system...
High | Unreviewed | CVE-2023-34974 was published Sep 6, 2024

An OS command injection vulnerability has been reported to affect several QNAP operating system...
Moderate | Unreviewed | CVE-2023-34979 was published Sep 6, 2024

An OS command injection vulnerability has been reported to affect legacy QTS. If exploited, the...
High | Unreviewed | CVE-2023-39300 was published Sep 6, 2024

An OS command injection vulnerability has been reported to affect several QNAP operating system...
High | Unreviewed | CVE-2024-21898 was published Sep 6, 2024

An OS command injection vulnerability has been reported to affect several QNAP operating system...
Moderate | Unreviewed | CVE-2024-21906 was published Sep 6, 2024

DrayTek Vigor3900 v1.5.1.6 was discovered to contain an authenticated command injection...
High | Unreviewed | CVE-2024-44844 was published Sep 6, 2024

DrayTek Vigor3900 v1.5.1.6 was discovered to contain an authenticated command injection...
High | Unreviewed | CVE-2024-44845 was published Sep 6, 2024

A vulnerability has been found in TOTOLINK AC1200 T8 4.1.5cu.861_B20230220 and classified as...
Moderate | Unreviewed | CVE-2024-8574 was published Sep 8, 2024

D-Link DI-7003GV2 v24.04.18D1, DI-7100G+V2 v24.04.18D1, DI-7100GV2 v24.04.18D1, DI-7200GV2 v24.04...
High | Unreviewed | CVE-2024-44333 was published Sep 9, 2024

**UNSUPPORTED WHEN ASSIGNED** A command injection vulnerability in the export-cgi program of...
Critical | Unreviewed | CVE-2024-6342 was published Sep 10, 2024

OS command injection vulnerability exists in BUFFALO wireless LAN routers and wireless LAN...
Moderate | Unreviewed | CVE-2024-44072 was published Sep 10, 2024

A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due...
High | Unreviewed | CVE-2024-43386 was published Sep 10, 2024

A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due...
High | Unreviewed | CVE-2024-43385 was published Sep 10, 2024

A low privileged remote attacker can read and write files as root due to improper neutralization...
High | Unreviewed | CVE-2024-43387 was published Sep 10, 2024

A low privileged remote attacker can execute OS commands with root privileges due to improper...
High | Unreviewed | CVE-2024-7699 was published Sep 10, 2024

An attacker with authenticated access to VICIdial as an "agent" can execute arbitrary shell...
High | Unreviewed | CVE-2024-8504 was published Sep 10, 2024

An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518...
High | Unreviewed | CVE-2024-8190 was published Sep 10, 2024

AutoGPT bypass of the shell commands denylist settings
Critical | CVE-2024-6091 was published for agpt (pip) Sep 11, 2024

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker...
High | Unreviewed | CVE-2024-20398 was published Sep 11, 2024