GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
794 advisories
A vulnerability in the web UI of Cisco IND could allow an authenticated, remote attacker to...
Critical | Unreviewed | CVE-2023-20036 was published Nov 15, 2024

Certain EOL GeoVision devices have an OS Command Injection vulnerability. Unauthenticated remote...
Critical | Unreviewed | CVE-2024-11120 was published Nov 15, 2024

A Python command injection vulnerability exists in the `SagemakerLLM` class's `complete()` method...
Critical | Unreviewed | CVE-2024-4343 was published Nov 14, 2024

Command injection in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure...
Critical | Unreviewed | CVE-2024-11006 was published Nov 12, 2024

Command injection in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure...
Critical | Unreviewed | CVE-2024-11005 was published Nov 12, 2024

Command injection in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure...
Critical | Unreviewed | CVE-2024-11007 was published Nov 12, 2024

EnGenius EWS356-FIT devices through 1.1.30 allow blind OS command injection. This allows an...
Critical | Unreviewed | CVE-2024-36061 was published Nov 11, 2024

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected...
Critical | Unreviewed | CVE-2024-46890 was published Nov 12, 2024

A vulnerability was found in D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. It...
Critical | Unreviewed | CVE-2024-10915 was published Nov 6, 2024

The pwrstudio web application of EV Charger (in the server in Circontrol Raption through 5.6.2)...
Critical | Unreviewed | CVE-2020-8007 was published Nov 8, 2024

Dell Enterprise SONiC OS, version(s) 4.1.x, 4.2.x, contain(s) an Improper Neutralization of...
Critical | Unreviewed | CVE-2024-45763 was published Nov 8, 2024

Dell Enterprise SONiC OS, version(s) 4.1.x, 4.2.x, contain(s) an Improper Neutralization of...
Critical | Unreviewed | CVE-2024-45765 was published Nov 8, 2024

Waybox Enel X web management application could be used to execute arbitrary OS commands and...
Critical | Unreviewed | CVE-2023-29120 was published Nov 5, 2024

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')...
Critical | Unreviewed | CVE-2024-51661 was published Nov 4, 2024

IDExpert from CHANGING Information Technology does not properly validate a specific parameter in...
Critical | Unreviewed | CVE-2024-10653 was published Nov 1, 2024

CyberPanel (aka Cyber Panel) before 2.3.5 allows Command Injection via completePath in the...
Critical | Unreviewed | CVE-2024-51568 was published Oct 30, 2024

TN-5900 Series firmware versions v3.3 and prior are vulnerable to the command-injection...
Critical | Unreviewed | CVE-2023-34215 was published Aug 17, 2023

TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and...
Critical | Unreviewed | CVE-2023-33239 was published Aug 17, 2023

TN-5900 Series firmware versions v3.3 and prior are vulnerable to command-injection vulnerability...
Critical | Unreviewed | CVE-2023-34213 was published Aug 17, 2023

TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and...
Critical | Unreviewed | CVE-2023-33238 was published Aug 17, 2023

TN-4900 Series firmware versions v1.2.4 and prior and TN-5900 Series firmware versions v3.3 and...
Critical | Unreviewed | CVE-2023-34214 was published Aug 17, 2023

TOTOlink EX1800T V9.1.0cu.2112_B20220316 was discovered to contain a remote command execution ...
Critical | Unreviewed | CVE-2023-52026 was published Jan 12, 2024

A vulnerability in the web-based management interface of Cisco Secure Firewall Management Center ...
Critical | Unreviewed | CVE-2024-20424 was published Oct 23, 2024

A vulnerability has been identified in InterMesh 7177 Hybrid 2.0 Subscriber (All versions < V8.2...
Critical | Unreviewed | CVE-2024-47901 was published Oct 23, 2024

The postjournal service in Zimbra Collaboration (ZCS) before 8.8.15 Patch 46, 9 before 9.0.0...
Critical | Unreviewed | CVE-2024-45519 was published Oct 3, 2024

ProTip! Advisories are also available from the GraphQL API.