GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,843 advisories
In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command...
High | Unreviewed | CVE-2024-42736 was published Aug 13, 2024

In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command...
High | Unreviewed | CVE-2024-42744 was published Aug 12, 2024

In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command...
High | Unreviewed | CVE-2024-42745 was published Aug 12, 2024

In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command...
High | Unreviewed | CVE-2024-42742 was published Aug 12, 2024

In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command...
High | Unreviewed | CVE-2024-42748 was published Aug 12, 2024

In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command...
High | Unreviewed | CVE-2024-42741 was published Aug 12, 2024

In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command...
High | Unreviewed | CVE-2024-42743 was published Aug 12, 2024

In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command...
High | Unreviewed | CVE-2024-42747 was published Aug 12, 2024

An OS command injection vulnerability in the ccm_debug component of MIPC Camera firmware prior to...
High | Unreviewed | CVE-2024-39091 was published Aug 12, 2024

Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability...
High | Unreviewed | CVE-2024-21880 was published Aug 12, 2024

Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability...
High | Unreviewed | CVE-2024-21879 was published Aug 12, 2024

Withdrawn Advisory: Litestar has an environment Variable injection in `docs-preview.yml` workflow
High | CVE-2024-42370 was published for litestar (pip) Aug 9, 2024 | withdrawn

An Improper Input Validation vulnerability in Zscaler Client Connector on MacOS allows OS Command...
High | Unreviewed | CVE-2024-23483 was published Aug 6, 2024

Cosy+ devices running a firmware 21.x below 21.2s10 or a firmware 22.x below 22.1s3 are...
High | Unreviewed | CVE-2024-33896 was published Aug 2, 2024

soft-serve vulnerable to arbitrary code execution by crafting git-lfs requests
High | CVE-2024-41956 was published for github.com/charmbracelet/soft-serve (Go) Aug 2, 2024

A privilege escalation vulnerability was discovered in XCC that could allow an authenticated XCC...
High | Unreviewed | CVE-2024-38512 was published Jul 26, 2024

A privilege escalation vulnerability was discovered in an upload processing functionality of XCC...
High | Unreviewed | CVE-2024-38511 was published Jul 26, 2024

A privilege escalation vulnerability was discovered in the web interface or SSH captive command...
High | Unreviewed | CVE-2024-38508 was published Jul 26, 2024

A privilege escalation vulnerability was discovered in the SSH captive command shell interface...
High | Unreviewed | CVE-2024-38510 was published Jul 26, 2024

Starship vulnerable to shell injection via undocumented, unpredictable shell expansion in custom commands
High | CVE-2024-41815 was published for starship (Rust) Jul 26, 2024

Softaculous Webuzo contains a command injection vulnerability in the FTP management functionality...
High | Unreviewed | CVE-2024-24623 was published Jul 26, 2024

Tenda FH1201 v1.2.0.14 was discovered to contain a command injection vulnerability via the mac...
High | Unreviewed | CVE-2024-41473 was published Jul 26, 2024

Softaculous Webuzo contains a command injection in the password reset functionality. A remote,...
High | Unreviewed | CVE-2024-24622 was published Jul 26, 2024

Adtran 834-5 11.1.0.101-202106231430, and fixed as of SmartOS Version 12.5.5.1, devices allow OS...
High | Unreviewed | CVE-2024-31977 was published Jul 24, 2024

AdTran 834-5 HDC17600021F1 (SmartOS 11.1.1.1) devices enable the SSH service by default and have...
High | Unreviewed | CVE-2024-39345 was published Jul 24, 2024