GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,972
Erlang
29
GitHub Actions
16
Go
1,762
Maven
4,983
npm
3,518
NuGet
609
pip
3,094
Pub
10
RubyGems
833
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
868 advisories
Filter by severity
Tenda AX1803 v1.0.0.1 was discovered to contain a command injection vulnerability via the...
Critical
Unreviewed
CVE-2023-51972
was published
Jan 10, 2024
An issue was discovered on TRENDnet TV-IP1314PI 5.5.3 200714 devices. Command injection can occur...
Critical
Unreviewed
CVE-2023-49237
was published
Jan 9, 2024
TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command...
Critical
Unreviewed
CVE-2023-51016
was published
Dec 22, 2023
MotionPro in Array ArrayOS AG before 9.4.0.505 on AG and vxAG allows remote command execution via...
Critical
Unreviewed
CVE-2023-51707
was published
Dec 22, 2023
Tenda i29 v1.0 V1.0.0.5 was discovered to contain a command injection vulnerability via the...
Critical
Unreviewed
CVE-2023-50983
was published
Dec 21, 2023
Tenda i29 v1.0 V1.0.0.5 was discovered to contain a command injection vulnerability via the...
Critical
Unreviewed
CVE-2023-50989
was published
Dec 21, 2023
MajorDoMo (aka Major Domestic Module) before 0662e5e allows command execution via thumb.php shell...
Critical
Unreviewed
CVE-2023-50917
was published
Dec 15, 2023
A Command Injection vulnerability exists in NETGEAR WNR2000v4 version 1.0.0.70. When using HTTP...
Critical
Unreviewed
CVE-2023-50089
was published
Dec 15, 2023
Apache StreamPark: Authenticated system users could trigger remote command execution
Critical
CVE-2023-49898
was published
for
org.apache.streampark:streampark
(Maven)
Dec 15, 2023
Gradio Exposure of Sensitive Information to an Unauthorized Actor vulnerability
Critical
CVE-2023-6572
was published
for
gradio
(pip)
Dec 14, 2023
NETSCOUT nGeniusPULSE 3.8 has a Command Injection Vulnerability.
Critical
Unreviewed
CVE-2023-40301
was published
Dec 7, 2023
Tenda AX9 V22.03.01.46 has been discovered to contain a command injection vulnerability in the ...
Critical
Unreviewed
CVE-2023-49431
was published
Dec 7, 2023
Tenda AX9 V22.03.01.46 is vulnerable to command injection.
Critical
Unreviewed
CVE-2023-49435
was published
Dec 7, 2023
Tenda AX9 V22.03.01.46 has been discovered to contain a command injection vulnerability in the ...
Critical
Unreviewed
CVE-2023-49436
was published
Dec 7, 2023
Tenda AX12 V22.03.01.46 has been discovered to contain a command injection vulnerability in the ...
Critical
Unreviewed
CVE-2023-49437
was published
Dec 7, 2023
Tenda AX12 V22.03.01.46 has been discovered to contain a command injection vulnerability in the ...
Critical
Unreviewed
CVE-2023-49428
was published
Dec 7, 2023
In TOTOLINK X6000R_Firmware V9.4.0cu.852_B20230719, the shttpd file sub_415534 function obtains...
Critical
Unreviewed
CVE-2023-48801
was published
Dec 2, 2023
D-Link Go-RT-AC750 revA_v101b03 was discovered to contain a command injection vulnerability via...
Critical
Unreviewed
CVE-2023-48842
was published
Dec 1, 2023
An issue in TOTOLINK X6000R V9.4.0cu.652_B20230116 and V9.4.0cu.852_B20230719 allows a remote...
Critical
Unreviewed
CVE-2023-43454
was published
Dec 1, 2023
An issue in TOTOLINK X6000R V9.4.0cu.652_B20230116 and V9.4.0cu.852_B20230719 allows a remote...
Critical
Unreviewed
CVE-2023-43455
was published
Dec 1, 2023
An issue in TOTOLINK X6000R V9.4.0cu.652_B20230116 and V9.4.0cu.852_B20230719 allows a remote...
Critical
Unreviewed
CVE-2023-43453
was published
Dec 1, 2023
An issue in Tneda AX1803 v.1.0.0.1 allows a remote attacker to execute arbitrary code via the...
Critical
Unreviewed
CVE-2023-49040
was published
Nov 27, 2023
openssl npm package vulnerable to command execution
Critical
CVE-2023-49210
was published
for
openssl
(npm)
Nov 23, 2023
Qualitor through 8.20 allows remote attackers to execute arbitrary code via PHP code in the html...
Critical
Unreviewed
CVE-2023-47253
was published
Nov 6, 2023
An OS command injection vulnerability has been reported to affect several QNAP operating system...
Critical
Unreviewed
CVE-2023-23369
was published
Nov 3, 2023
ProTip!
Advisories are also available from the
GraphQL API