GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
868 advisories
On Seowon Intech routers, there is a Command Injection vulnerability in diagnostic.cgi via shell...
Critical, Unreviewed. CVE-2016-10760 was published May 24, 2022.

In NETGEAR ReadyNAS Surveillance before 1.4.3-17 x86 and before 1.1.4-7 ARM, $_GET['uploaddir']...
Critical, Unreviewed. CVE-2017-18378 was published May 24, 2022.

JetBrains Ktor framework before 1.2.0-rc does not sanitize the username provided by the user for...
Critical, Unreviewed. CVE-2019-12736 was published May 24, 2022.

This command injection vulnerability in Music Station allows attackers to execute commands on the...
Critical, Unreviewed. CVE-2018-0729 was published May 24, 2022.

IP-COM EW9 V15.11.0.14(9732) was discovered to contain a command injection vulnerability in the...
Critical, Unreviewed. CVE-2022-45005 was published Dec 13, 2022.

TOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain a command injection vulnerability...
Critical, Unreviewed. CVE-2023-29803 was published Apr 14, 2023.

TOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain a command injection vulnerability...
Critical, Unreviewed. CVE-2023-29802 was published Apr 14, 2023.

TOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain multiple command injection...
Critical, Unreviewed. CVE-2023-29801 was published Apr 14, 2023.

TOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain a command injection vulnerability...
Critical, Unreviewed. CVE-2023-29799 was published Apr 14, 2023.

TOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain a command injection vulnerability...
Critical, Unreviewed. CVE-2023-29800 was published Apr 14, 2023.

TOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain a command injection vulnerability...
Critical, Unreviewed. CVE-2023-29798 was published Apr 14, 2023.

Nanoleaf Desktop App before v1.3.1 was discovered to contain a command injection vulnerability...
Critical, Unreviewed. CVE-2022-46640 was published Apr 18, 2023.

rails-routes-to-json v1.0.0 was discovered to contain a remote code execution (RCE) vulnerability...
Critical, Unreviewed. CVE-2023-27849 was published Apr 24, 2023.

Tenda AC18 v15.03.05.19(6318_)_cn was discovered to contain a command injection vulnerability via...
Critical, Unreviewed. CVE-2023-30135 was published May 5, 2023.

A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). The web based...
Critical, Unreviewed. CVE-2023-27407 was published May 9, 2023.

Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 allows unauthenticated remote code...
Critical, Unreviewed. CVE-2023-30353 was published May 10, 2023.

Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability...
Critical, Unreviewed. CVE-2022-29842 was published May 10, 2023.

A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NS_v4 allows...
Critical, Unreviewed. CVE-2023-31985 was published May 12, 2023.

A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NS_v4 allows...
Critical, Unreviewed. CVE-2023-31983 was published May 12, 2023.

A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NS_v4 allows...
Critical, Unreviewed. CVE-2023-31986 was published May 15, 2023.

A command injection vulnerability in the hostTime parameter in the function NTPSyncWithHostof...
Critical, Unreviewed. CVE-2023-31856 was published May 16, 2023.

An issue was discovered in KaiOS 3.0 before 3.1. The /system/bin/tctweb_server binary exposes a...
Critical, Unreviewed. CVE-2023-33294 was published May 22, 2023.

TOTOLINK X5000R V9.1.0u.6118_B20201102 and V9.1.0u.6369_B20230113 contains a command insertion...
Critical, Unreviewed. CVE-2023-33487 was published May 31, 2023.

TOTOLINK X5000R V9.1.0u.6118_B20201102 and V9.1.0u.6369_B20230113 contain a command insertion...
Critical, Unreviewed. CVE-2023-33486 was published May 31, 2023.

Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1.6.0, may be susceptible to...
Critical, Unreviewed. CVE-2023-23952 was published Jun 1, 2023.
ProTip! Advisories are also available from the GraphQL API.