GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
1,843 advisories
Filter by severity
@saltcorn/plugins-loader unsanitized plugin name leads to a remote code execution (RCE) vulnerability when creating plugins using git source
High
GHSA-fm76-w8jw-xf8m
was published
for
@saltcorn/plugins-loader
(npm)
Oct 3, 2024
An issue in Plasmoapp RPShare Fabric mod v.1.0.0 allows a remote attacker to execute arbitrary...
High
Unreviewed
CVE-2024-33368
was published
Sep 27, 2024
Tenda G3 Router firmware v15.03.05.05 was discovered to contain a remote code execution (RCE)...
High
Unreviewed
CVE-2024-46628
was published
Sep 26, 2024
VONETS VAP11G-300 v3.3.23.6.9 was discovered to contain a command injection vulnerability via the...
High
Unreviewed
CVE-2024-46330
was published
Sep 26, 2024
VONETS VAP11G-300 v3.3.23.6.9 was discovered to contain a command injection vulnerability via the...
High
Unreviewed
CVE-2024-46329
was published
Sep 26, 2024
Gigastone TR1 Travel Router R101 v1.0.2 is vulnerable to Command Injection. This allows an...
High
Unreviewed
CVE-2024-44678
was published
Sep 25, 2024
OS command injection vulnerability in multiple digital video recorders provided by TAKENAKA...
High
Unreviewed
CVE-2024-43778
was published
Sep 18, 2024
PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an OS command injection issue....
High
Unreviewed
CVE-2024-8957
was published
Sep 17, 2024
Authenticated command execution vulnerability exist in the ArubaOS command line interface (CLI)....
High
Unreviewed
CVE-2024-42503
was published
Sep 17, 2024
Authenticated command injection vulnerability exists in the ArubaOS command line interface....
High
Unreviewed
CVE-2024-42502
was published
Sep 17, 2024
There is a command injection vulnerability that may allow an attacker to inject malicious input...
High
Unreviewed
CVE-2024-45682
was published
Sep 17, 2024
Certain models of D-Link wireless routers do not properly validate user input in the telnet...
High
Unreviewed
CVE-2024-45698
was published
Sep 16, 2024
A privilege escalation vulnerability was discovered in XCC that could allow a valid,...
High
Unreviewed
CVE-2024-8279
was published
Sep 13, 2024
A privilege escalation vulnerability was discovered in XCC that could allow a valid,...
High
Unreviewed
CVE-2024-8278
was published
Sep 13, 2024
An input validation weakness was discovered in XCC that could allow a valid, authenticated XCC...
High
Unreviewed
CVE-2024-8280
was published
Sep 13, 2024
An input validation weakness was discovered in XCC that could allow a valid, authenticated XCC...
High
Unreviewed
CVE-2024-8281
was published
Sep 13, 2024
A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker...
High
Unreviewed
CVE-2024-20398
was published
Sep 11, 2024
A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated...
High
Unreviewed
CVE-2024-8686
was published
Sep 11, 2024
Multiple vulnerabilities in Cisco Routed PON Controller Software, which runs as a docker...
High
Unreviewed
CVE-2024-20483
was published
Sep 11, 2024
An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518...
High
Unreviewed
CVE-2024-8190
was published
Sep 10, 2024
An attacker with authenticated access to VICIdial as an "agent" can execute arbitrary shell...
High
Unreviewed
CVE-2024-8504
was published
Sep 10, 2024
A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due...
High
Unreviewed
CVE-2024-43386
was published
Sep 10, 2024
A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due...
High
Unreviewed
CVE-2024-43385
was published
Sep 10, 2024
An low privileged remote attacker can execute OS commands with root privileges due to improper...
High
Unreviewed
CVE-2024-7699
was published
Sep 10, 2024
A low privileged remote attacker can read and write files as root due to improper neutralization...
High
Unreviewed
CVE-2024-43387
was published
Sep 10, 2024
ProTip!
Advisories are also available from the
GraphQL API