GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,971
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,091
Pub
10
RubyGems
833
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
738 advisories
Filter by severity
TP-Link TL-WPA8630P (US)_ V2_ Version 171011 was discovered to contain a command injection...
Critical
Unreviewed
CVE-2023-27836
was published
Jun 13, 2023
TP-Link TL-WPA8630P (US)_ V2_ Version 171011 was discovered to contain a command injection...
Critical
Unreviewed
CVE-2023-27837
was published
Jun 13, 2023
Previous versions of HP Device Manager (prior to HPDM 5.0.10) could potentially allow command...
Critical
Unreviewed
CVE-2023-26295
was published
Jun 13, 2023
D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 was discovered to contain a command...
Critical
Unreviewed
CVE-2023-33625
was published
Jun 12, 2023
TOTOLink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection...
Critical
Unreviewed
CVE-2023-33556
was published
Jun 7, 2023
Aria Operations for Networks contains a command injection vulnerability. A malicious actor with...
Critical
Unreviewed
CVE-2023-20887
was published
Jun 7, 2023
An issue was discovered in Anyka Microelectronics AK3918EV300 MCU v18. A command injection...
Critical
Unreviewed
CVE-2023-30400
was published
Jun 7, 2023
There is a command injection vulnerability in the Netgear R6250 router with Firmware Version 1.0...
Critical
Unreviewed
CVE-2023-33532
was published
Jun 6, 2023
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain a command injection via the...
Critical
Unreviewed
CVE-2023-31569
was published
Jun 6, 2023
Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1.6.0, may be susceptible to...
Critical
Unreviewed
CVE-2023-23952
was published
Jun 1, 2023
TOTOLINK X5000R V9.1.0u.6118_B20201102 and V9.1.0u.6369_B20230113 contain a command insertion...
Critical
Unreviewed
CVE-2023-33486
was published
May 31, 2023
TOTOLINK X5000R V9.1.0u.6118_B20201102 and V9.1.0u.6369_B20230113 contains a command insertion...
Critical
Unreviewed
CVE-2023-33487
was published
May 31, 2023
An issue was discovered in KaiOS 3.0 before 3.1. The /system/bin/tctweb_server binary exposes a...
Critical
Unreviewed
CVE-2023-33294
was published
May 22, 2023
A command injection vulnerability in the hostTime parameter in the function NTPSyncWithHostof...
Critical
Unreviewed
CVE-2023-31856
was published
May 16, 2023
A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NS_v4 allows...
Critical
Unreviewed
CVE-2023-31986
was published
May 15, 2023
A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NS_v4 allows...
Critical
Unreviewed
CVE-2023-31983
was published
May 12, 2023
A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NS_v4 allows...
Critical
Unreviewed
CVE-2023-31985
was published
May 12, 2023
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability...
Critical
Unreviewed
CVE-2022-29842
was published
May 10, 2023
Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 allows unauthenticated remote code...
Critical
Unreviewed
CVE-2023-30353
was published
May 10, 2023
A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). The web based...
Critical
Unreviewed
CVE-2023-27407
was published
May 9, 2023
Tenda AC18 v15.03.05.19(6318_)_cn was discovered to contain a command injection vulnerability via...
Critical
Unreviewed
CVE-2023-30135
was published
May 5, 2023
rails-routes-to-json v1.0.0 was discovered to contain a remote code execution (RCE) vulnerability...
Critical
Unreviewed
CVE-2023-27849
was published
Apr 24, 2023
Nanoleaf Desktop App before v1.3.1 was discovered to contain a command injection vulnerability...
Critical
Unreviewed
CVE-2022-46640
was published
Apr 18, 2023
TOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain a command injection vulnerability...
Critical
Unreviewed
CVE-2023-29798
was published
Apr 14, 2023
TOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain a command injection vulnerability...
Critical
Unreviewed
CVE-2023-29799
was published
Apr 14, 2023
ProTip!
Advisories are also available from the
GraphQL API