GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,843 advisories
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability...
High
Unreviewed
CVE-2024-41317 was published Jul 22, 2024

Sliver Allows Authenticated Operator-to-Server Remote Code Execution
High
CVE-2024-41111 was published for github.com/bishopfox/sliver (Go) Jul 18, 2024

Local privilege escalation due to OS command injection vulnerability. The following products are...
High
Unreviewed
CVE-2024-34013 was published Jul 18, 2024

projectdiscovery/nuclei allows unsigned code template execution through workflows
High
CVE-2024-40641 was published for github.com/projectdiscovery/nuclei/v3 (Go) Jul 17, 2024

FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. contain an...
High
Unreviewed
CVE-2024-36475 was published Jul 17, 2024

An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved...
High
Unreviewed
CVE-2024-39524 was published Jul 11, 2024

An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved...
High
Unreviewed
CVE-2024-39521 was published Jul 11, 2024

An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved...
High
Unreviewed
CVE-2024-39522 was published Jul 11, 2024

An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved...
High
Unreviewed
CVE-2024-39523 was published Jul 11, 2024

An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved...
High
Unreviewed
CVE-2024-39520 was published Jul 11, 2024

Insecure handling of POST header parameter body included in requests being sent to an instance of...
High
Unreviewed
CVE-2024-3799 was published Jul 10, 2024

A remote attacker with high privileges may use a writing file function to inject OS commands.
High
Unreviewed
CVE-2024-28749 was published Jul 9, 2024

A remote attacker with high privileges may use a reading file function to inject OS commands.
High
Unreviewed
CVE-2024-28748 was published Jul 9, 2024

A remote attacker with high privileges may use a deleting file function to inject OS commands.
High
Unreviewed
CVE-2024-28750 was published Jul 9, 2024

Three os command injection vulnerabilities exist in the boa formWsc functionality of Realtek...
High
Unreviewed
CVE-2023-50381 was published Jul 8, 2024

Three os command injection vulnerabilities exist in the boa formWsc functionality of Realtek...
High
Unreviewed
CVE-2023-50383 was published Jul 8, 2024

Three os command injection vulnerabilities exist in the boa formWsc functionality of Realtek...
High
Unreviewed
CVE-2023-50382 was published Jul 8, 2024

D-Link DIR-823X firmware - 240126 was discovered to contain a remote command execution (RCE)...
High
Unreviewed
CVE-2024-39202 was published Jul 8, 2024

jc21 NGINX Proxy Manager before 2.11.3 allows backend/internal/certificate.js OS command...
High
Unreviewed
CVE-2024-39935 was published Jul 4, 2024

An os command injection vulnerability exists in the CWMP SelfDefinedTimeZone functionality of...
High
Unreviewed
CVE-2024-32937 was published Jul 3, 2024

A high privileged remote attacker can execute arbitrary system commands via GET requests due to...
High
Unreviewed
CVE-2024-5672 was published Jul 3, 2024

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain an...
High
Unreviewed
CVE-2024-37140 was published Jun 26, 2024

The CRUDDIY project is vulnerable to shell command injection via sending a crafted POST request...
High
Unreviewed
CVE-2024-4748 was published Jun 24, 2024

A command injection issue in TOTOLINK A6000R V1.0.1-B20201211.2000 firmware allows a remote...
High
Unreviewed
CVE-2024-37626 was published Jun 20, 2024

The specific function parameter of ASUS Download Master does not properly filter user input. An...
High
Unreviewed
CVE-2024-31162 was published Jun 14, 2024