Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,902
Maven
5,000+
npm
3,631
NuGet
638
pip
3,246
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,832 advisories

Loading
An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved... High Unreviewed
CVE-2024-39524 was published Jul 11, 2024
An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved... High Unreviewed
CVE-2024-39520 was published Jul 11, 2024
Insecure handling of POST header parameter body included in requests being sent to an instance of... High Unreviewed
CVE-2024-3799 was published Jul 10, 2024
A remote attacker with high privileges may use a writing file function to inject OS commands. High Unreviewed
CVE-2024-28749 was published Jul 9, 2024
A remote attacker with high privileges may use a deleting file function to inject OS commands. High Unreviewed
CVE-2024-28750 was published Jul 9, 2024
A remote attacker with high privileges may use a reading file function to inject OS commands. High Unreviewed
CVE-2024-28748 was published Jul 9, 2024
D-Link DIR-823X firmware - 240126 was discovered to contain a remote command execution (RCE)... High Unreviewed
CVE-2024-39202 was published Jul 8, 2024
Three os command injection vulnerabilities exist in the boa formWsc functionality of Realtek... High Unreviewed
CVE-2023-50382 was published Jul 8, 2024
Three os command injection vulnerabilities exist in the boa formWsc functionality of Realtek... High Unreviewed
CVE-2023-50383 was published Jul 8, 2024
Three os command injection vulnerabilities exist in the boa formWsc functionality of Realtek... High Unreviewed
CVE-2023-50381 was published Jul 8, 2024
jc21 NGINX Proxy Manager before 2.11.3 allows backend/internal/certificate.js OS command... High Unreviewed
CVE-2024-39935 was published Jul 4, 2024
An os command injection vulnerability exists in the CWMP SelfDefinedTimeZone functionality of... High Unreviewed
CVE-2024-32937 was published Jul 3, 2024
A high privileged remote attacker can execute arbitrary system commands via GET requests due to... High Unreviewed
CVE-2024-5672 was published Jul 3, 2024
Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain an... High Unreviewed
CVE-2024-37140 was published Jun 26, 2024
The CRUDDIY project is vulnerable to shell command injection via sending a crafted POST request... High Unreviewed
CVE-2024-4748 was published Jun 24, 2024
A command injection issue in TOTOLINK A6000R V1.0.1-B20201211.2000 firmware allows a remote... High Unreviewed
CVE-2024-37626 was published Jun 20, 2024
The specific function parameter of ASUS Download Master does not properly filter user input. An... High Unreviewed
CVE-2024-31162 was published Jun 14, 2024
A privilege escalation vulnerability was reported in Lenovo Service Bridge prior to version 5.0.2... High Unreviewed
CVE-2024-4696 was published Jun 13, 2024
Command injection vulnerability in Comtrend router WLD71-T1_v2.0.201820, affecting the GRG-4280us... High Unreviewed
CVE-2024-5785 was published Jun 10, 2024
An OS command injection vulnerability exists in the MacOS Text-To-Speech class MacOSTTS of the... High Unreviewed
CVE-2024-1880 was published Jun 6, 2024
AutoGPT, a component of significant-gravitas/autogpt, is vulnerable to an improper neutralization... High Unreviewed
CVE-2024-1881 was published Jun 6, 2024
A10 Thunder ADC CsrRequestView Command Injection Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2024-30368 was published Jun 6, 2024
ASUS routers supporting custom OpenVPN profiles are vulnerable to a code execution vulnerability.... High Unreviewed
CVE-2024-0401 was published May 20, 2024
Passbolt Api Remote code execution High
GHSA-cv5c-2qv5-w2m2 was published for passbolt/passbolt_api (Composer) May 20, 2024
A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could... High Unreviewed
CVE-2024-20326 was published May 16, 2024
ProTip! Advisories are also available from the GraphQL API