GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,339
Erlang: 31
GitHub Actions: 22
Go: 2,099
Maven: 5,000+
npm: 3,763
NuGet: 678
pip: 3,448
Pub: 12
RubyGems: 892
Rust: 883
Swift: 37
Unreviewed advisories
All unreviewed: 5,000+
979 advisories
COMFAST CF-XR11 V2.7.2 has a command injection vulnerability in function sub_424CB4. Attackers...
Critical
Unreviewed
CVE-2024-44466 was published Sep 11, 2024
Improper Input Validation vulnerability in Hillstone Networks Hillstone Networks Web Application...
Critical
Unreviewed
CVE-2024-8073 was published Aug 26, 2024
TOTOLINK EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command...
Critical
Unreviewed
CVE-2023-51014 was published Dec 22, 2023
TOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to an unauthorized arbitrary command...
Critical
Unreviewed
CVE-2023-51025 was published Dec 22, 2023
Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were...
Critical
Unreviewed
CVE-2022-27005 was published Mar 17, 2022
CVE-2024-45824 IMPACT A remote code vulnerability exists in the affected products. The...
Critical
Unreviewed
CVE-2024-45824 was published Sep 12, 2024
Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were...
Critical
Unreviewed
CVE-2022-27004 was published Mar 17, 2022
Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were...
Critical
Unreviewed
CVE-2022-27003 was published Mar 17, 2022
D-Link DI-8300 v16.07.26A1 is vulnerable to command injection via the upgrade_filter_asp function.
Critical
Unreviewed
CVE-2024-44410 was published Sep 9, 2024
tinyfiledialogs (aka tiny file dialogs) before 3.15.0 allows shell metacharacters (such as a...
Critical
Unreviewed
CVE-2023-47104 was published Oct 30, 2023
D-Link DI-8100G 17.12.20A1 is vulnerable to Command Injection via msp_info.htm.
Critical
Unreviewed
CVE-2024-44402 was published Sep 6, 2024
D-Link DI-8100G 17.12.20A1 is vulnerable to Command Injection via sub47A60C function in the...
Critical
Unreviewed
CVE-2024-44401 was published Sep 6, 2024
An issue in TOTOlink X6000R V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary...
Critical
Unreviewed
CVE-2023-46484 was published Oct 31, 2023
An issue in TOTOlink X6000R V9.4.0cu.852_B20230719 allows a remote attacker to execute arbitrary...
Critical
Unreviewed
CVE-2023-46485 was published Oct 31, 2023
An issue in the handler function in /goform/telnet of Tenda FH1201 v1.2.0.14 (408) allows...
Critical
Unreviewed
CVE-2024-42947 was published Aug 15, 2024
Qualitor through 8.20 allows remote attackers to execute arbitrary code via PHP code in the html...
Critical
Unreviewed
CVE-2023-47253 was published Nov 6, 2023
Zentao v18.0 to v18.10 was discovered to contain a remote code execution (RCE) vulnerability via...
Critical
Unreviewed
CVE-2024-24216 was published Feb 8, 2024
Distrobox before 1.7.0.1 allows attackers to execute arbitrary code via command injection into...
Critical
Unreviewed
CVE-2024-29864 was published Mar 21, 2024
Ansible fails to properly sanitize fact variables sent from the Ansible controller
Critical
CVE-2016-8628 was published for ansible (pip) Oct 10, 2018
An issue discovered in sub_4117F8 function in TOTOLINK X6000R V9.4.0cu.852_B20230719 allows...
Critical
Unreviewed
CVE-2023-52042 was published Jan 17, 2024
In Indo-Sol PROFINET-INspektor NT through 2.4.0, a command injection vulnerability in the...
Critical
Unreviewed
CVE-2023-49959 was published Feb 26, 2024
Command Injection vulnerability in D-Link Dir 816 with firmware version DIR-816_A2_v1.10CNB04...
Critical
Unreviewed
CVE-2023-24331 was published Feb 21, 2024
FitNesse allows execution of arbitrary OS commands
Critical
CVE-2024-28125 was published for org.fitnesse:fitnesse (Maven) Mar 18, 2024
Beijing Digital China Cloud Technology Co., Ltd. DCME-320 v.7.4.12.60 has a command execution...
Critical
Unreviewed
CVE-2024-42905 was published Aug 28, 2024
DIR-845L router <= v1.01KRb03 has an Unauthenticated remote code execution vulnerability in the...
Critical
Unreviewed
CVE-2024-29385 was published Mar 22, 2024
ProTip! Advisories are also available from the GraphQL API