Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,971
Erlang
29
GitHub Actions
16
Go
1,752
Maven
4,982
npm
3,516
NuGet
609
pip
3,091
Pub
10
RubyGems
833
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

738 advisories

Loading
TP-Link TL-WPA8630P (US)_ V2_ Version 171011 was discovered to contain a command injection... Critical Unreviewed
CVE-2023-27836 was published Jun 13, 2023
TP-Link TL-WPA8630P (US)_ V2_ Version 171011 was discovered to contain a command injection... Critical Unreviewed
CVE-2023-27837 was published Jun 13, 2023
Previous versions of HP Device Manager (prior to HPDM 5.0.10) could potentially allow command... Critical Unreviewed
CVE-2023-26295 was published Jun 13, 2023
D-Link DIR-600 Hardware Version B5, Firmware Version 2.18 was discovered to contain a command... Critical Unreviewed
CVE-2023-33625 was published Jun 12, 2023
TOTOLink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection... Critical Unreviewed
CVE-2023-33556 was published Jun 7, 2023
Aria Operations for Networks contains a command injection vulnerability. A malicious actor with... Critical Unreviewed
CVE-2023-20887 was published Jun 7, 2023
An issue was discovered in Anyka Microelectronics AK3918EV300 MCU v18. A command injection... Critical Unreviewed
CVE-2023-30400 was published Jun 7, 2023
There is a command injection vulnerability in the Netgear R6250 router with Firmware Version 1.0... Critical Unreviewed
CVE-2023-33532 was published Jun 6, 2023
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain a command injection via the... Critical Unreviewed
CVE-2023-31569 was published Jun 6, 2023
Advanced Secure Gateway and Content Analysis, prior to 7.3.13.1 / 3.1.6.0, may be susceptible to... Critical Unreviewed
CVE-2023-23952 was published Jun 1, 2023
TOTOLINK X5000R V9.1.0u.6118_B20201102 and V9.1.0u.6369_B20230113 contain a command insertion... Critical Unreviewed
CVE-2023-33486 was published May 31, 2023
TOTOLINK X5000R V9.1.0u.6118_B20201102 and V9.1.0u.6369_B20230113 contains a command insertion... Critical Unreviewed
CVE-2023-33487 was published May 31, 2023
An issue was discovered in KaiOS 3.0 before 3.1. The /system/bin/tctweb_server binary exposes a... Critical Unreviewed
CVE-2023-33294 was published May 22, 2023
A command injection vulnerability in the hostTime parameter in the function NTPSyncWithHostof... Critical Unreviewed
CVE-2023-31856 was published May 16, 2023
A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NS_v4 allows... Critical Unreviewed
CVE-2023-31986 was published May 15, 2023
A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NS_v4 allows... Critical Unreviewed
CVE-2023-31983 was published May 12, 2023
A Command Injection vulnerability in Edimax Wireless Router N300 Firmware BR-6428NS_v4 allows... Critical Unreviewed
CVE-2023-31985 was published May 12, 2023
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability... Critical Unreviewed
CVE-2022-29842 was published May 10, 2023
Shenzen Tenda Technology IP Camera CP3 V11.10.00.2211041355 allows unauthenticated remote code... Critical Unreviewed
CVE-2023-30353 was published May 10, 2023
A vulnerability has been identified in SCALANCE LPE9403 (All versions < V2.1). The web based... Critical Unreviewed
CVE-2023-27407 was published May 9, 2023
Tenda AC18 v15.03.05.19(6318_)_cn was discovered to contain a command injection vulnerability via... Critical Unreviewed
CVE-2023-30135 was published May 5, 2023
rails-routes-to-json v1.0.0 was discovered to contain a remote code execution (RCE) vulnerability... Critical Unreviewed
CVE-2023-27849 was published Apr 24, 2023
Nanoleaf Desktop App before v1.3.1 was discovered to contain a command injection vulnerability... Critical Unreviewed
CVE-2022-46640 was published Apr 18, 2023
TOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain a command injection vulnerability... Critical Unreviewed
CVE-2023-29798 was published Apr 14, 2023
TOTOLINK X18 V9.1.0cu.2024_B20220329 was discovered to contain a command injection vulnerability... Critical Unreviewed
CVE-2023-29799 was published Apr 14, 2023
ProTip! Advisories are also available from the GraphQL API