Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,319
Erlang
31
GitHub Actions
21
Go
2,077
Maven
5,000+
npm
3,746
NuGet
674
pip
3,435
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

975 advisories

Loading
The Danfoss AK-EM100 web applications allow for OS command injection through the web application... Critical Unreviewed
CVE-2023-25911 was published Jun 11, 2023
SpotCam Co., Ltd. SpotCam Sense’s hidden Telnet function has a vulnerability of OS command... Critical Unreviewed
CVE-2023-38027 was published Aug 28, 2023
A vulnerability has been discovered in Xiaomi routers that could allow command injection through... Critical Unreviewed
CVE-2023-26317 was published Aug 2, 2023
A vulnerability has been identified in Siemens SINEC Security Monitor (All versions < V4.9.0).... Critical Unreviewed
CVE-2024-47562 was published Oct 8, 2024
A vulnerability in the REST API and web UI of Cisco Nexus Dashboard Fabric Controller (NDFC)... Critical Unreviewed
CVE-2024-20432 was published Oct 2, 2024
Command injection in LocalStack Critical
CVE-2021-32090 was published for localstack (pip) Jun 18, 2021
Command injection and multiple stack-based buffer overflows vulnerabilities in the... Critical Unreviewed
CVE-2021-26731 was published Oct 24, 2022
Command injection in libvcs and vcspull Critical
CVE-2022-21187 was published for libvcs (pip) Mar 15, 2022
tony
SAP NetWeaver Administrator AS Java (Administrator Log Viewer plug-in) - version 7.50, allows an... Critical Unreviewed
CVE-2024-22127 was published Mar 12, 2024
A specially crafted POST request to the ProGauge MAGLINK LX CONSOLE IP sub-menu can allow a... Critical Unreviewed
CVE-2024-45066 was published Sep 25, 2024
Command injection vulnerabilities in the underlying CLI service could lead to unauthenticated... Critical Unreviewed
CVE-2024-42505 was published Sep 25, 2024
Command injection vulnerabilities in the underlying CLI service could lead to unauthenticated... Critical Unreviewed
CVE-2024-42506 was published Sep 25, 2024
Command injection vulnerabilities in the underlying CLI service could lead to unauthenticated... Critical Unreviewed
CVE-2024-42507 was published Sep 25, 2024
A specially crafted POST request to the ProGauge MAGLINK LX CONSOLE UTILITY sub-menu can allow a... Critical Unreviewed
CVE-2024-43693 was published Sep 25, 2024
json-logic-js Command Injection vulnerability Critical
CVE-2021-4329 was published for json-logic-js (npm) Mar 5, 2023
A condition exists in FlashArray and FlashBlade Purity whereby a malicious user could execute... Critical Unreviewed
CVE-2024-0005 was published Sep 23, 2024
Donfig Command Injection in collect_yaml method Critical
CVE-2019-7537 was published for donfig (pip) May 14, 2022
Improper Input Validation vulnerability in ABB Ltd. ASPECT®-Enterprise on ASPECT®-Enterprise,... Critical Unreviewed
CVE-2023-0636 was published Jul 6, 2023
TELSAT marKoni FM Transmitters are vulnerable to a command injection vulnerability through the... Critical Unreviewed
CVE-2024-39373 was published Jun 27, 2024
COMFAST CF-XR11 V2.7.2 has a command injection vulnerability in function sub_424CB4. Attackers... Critical Unreviewed
CVE-2024-44466 was published Sep 11, 2024
Improper Input Validation vulnerability in Hillstone Networks Hillstone Networks Web Application... Critical Unreviewed
CVE-2024-8073 was published Aug 26, 2024
TOTOLINK EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command... Critical Unreviewed
CVE-2023-51014 was published Dec 22, 2023
Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were... Critical Unreviewed
CVE-2022-27005 was published Mar 17, 2022
TOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to an unauthorized arbitrary command... Critical Unreviewed
CVE-2023-51025 was published Dec 22, 2023
CVE-2024-45824 IMPACT A remote code vulnerability exists in the affected products. The... Critical Unreviewed
CVE-2024-45824 was published Sep 12, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database