GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,133
Erlang
29
GitHub Actions
19
Go
1,939
Maven
5,000+
npm
3,677
NuGet
643
pip
3,295
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
1,035 advisories
Filter by severity
TYPO3 Install Tool vulnerable to Code Execution
High
CVE-2024-22188
was published
for
typo3/cms-core
(Composer)
Feb 13, 2024
An issue in idocv v.14.1.3_20231228 allows a remote attacker to execute arbitrary code and obtain...
High
Unreviewed
CVE-2024-24377
was published
Feb 16, 2024
Vulnerability in admin_ip.php in Seacms v13.1, when action=set, allows attackers to control IP...
High
Unreviewed
CVE-2024-44916
was published
Aug 30, 2024
Commands can be injected over the network and executed without authentication.
High
Unreviewed
CVE-2024-7029
was published
Aug 2, 2024
WAYOS FBM-291W v19.09.11 is vulnerable to Command Execution via msp_info_htm.
High
Unreviewed
CVE-2024-44383
was published
Sep 4, 2024
A post-authentication remote command injection vulnerability in a CGI file in Western Digital My...
High
Unreviewed
CVE-2023-22816
was published
Jul 1, 2023
Dell SmartFabric OS10 Software, version(s) 10.5.5.4 through 10.5.5.10 and 10.5.6.x , contain(s)...
High
Unreviewed
CVE-2024-38486
was published
Sep 6, 2024
Improper Input Validation and Command Injection in Ansible
High
CVE-2021-3583
was published
for
ansible
(pip)
Sep 23, 2021
An OS command injection vulnerability has been reported to affect Video Station. If exploited,...
High
Unreviewed
CVE-2023-47563
was published
Sep 6, 2024
D-Link DI-8400 16.07.26A1 is vulnerable to Command Injection via upgrade_filter_asp.
High
Unreviewed
CVE-2024-44400
was published
Sep 4, 2024
Bypass incomplete fix of CVE-2024-27980, that arises from improper handling of batch files with...
High
Unreviewed
CVE-2024-36138
was published
Sep 7, 2024
D-Link DI-7003G v19.12.24A1, DI-7003GV2 v24.04.18D1, DI-7100G+V2 v24.04.18D1, DI-7100GV2 v24.04...
High
Unreviewed
CVE-2024-44335
was published
Sep 9, 2024
D-Link DI-7003GV2 v24.04.18D1, DI-7100G+V2 v24.04.18D1, DI-7100GV2 v24.04.18D1, DI-7200GV2 v24.04...
High
Unreviewed
CVE-2024-44334
was published
Sep 9, 2024
Dell ThinOS versions 2402 and 2405, contains an Improper Neutralization of Special Elements used...
High
Unreviewed
CVE-2024-42427
was published
Sep 10, 2024
An improper neutralization of special elements used in a command ('Command Injection')...
High
Unreviewed
CVE-2024-33508
was published
Sep 10, 2024
Microsoft SharePoint Server Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-38228
was published
Sep 10, 2024
Microsoft SharePoint Server Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-38227
was published
Sep 10, 2024
Command Injection vulnerability in goform/SetIPTVCfg interface of Tenda AC15 V15.03.05.20 allows...
High
Unreviewed
CVE-2023-36103
was published
Sep 10, 2024
DrayTek Vigor3900 v1.5.1.6 was discovered to contain an authenticated command injection...
High
Unreviewed
CVE-2024-44845
was published
Sep 6, 2024
DrayTek Vigor3900 v1.5.1.6 was discovered to contain an authenticated command injection...
High
Unreviewed
CVE-2024-44844
was published
Sep 6, 2024
Remote code execution (RCE) in Apache Airflow
High
CVE-2020-11978
was published
for
apache-airflow
(pip)
Jul 27, 2020
RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a command injection vulnerability via the...
High
Unreviewed
CVE-2024-44574
was published
Sep 11, 2024
RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a command injection vulnerability via the...
High
Unreviewed
CVE-2024-44577
was published
Sep 11, 2024
ProTip!
Advisories are also available from the
GraphQL API