GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,992
Erlang
29
GitHub Actions
16
Go
1,782
Maven
5,000+
npm
3,544
NuGet
619
pip
3,134
Pub
10
RubyGems
838
Rust
795
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,758 advisories
Filter by severity
OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable...
High
Unreviewed
CVE-2024-4639
was published
Jun 25, 2024
In WhatsUp Gold versions released before 2023.1.3, a Remote Code Execution issue exists in...
Critical
Unreviewed
CVE-2024-4883
was published
Jun 25, 2024
In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Remote Code Execution...
Critical
Unreviewed
CVE-2024-4884
was published
Jun 25, 2024
The CRUDDIY project is vulnerable to shell command injection via sending a crafted POST request...
High
Unreviewed
CVE-2024-4748
was published
Jun 24, 2024
TELSAT marKoni FM Transmitters are vulnerable to a command injection vulnerability through the...
Unknown
Unreviewed
CVE-2024-39373
was published
Jun 27, 2024
This Advisory describes an issue that impacts Arista Wireless Access Points. Any entity with the...
High
Unreviewed
CVE-2024-4578
was published
Jun 27, 2024
Cisco Adaptive Security Appliance (ASA) Software before 8.4(1) on ASA 5500, ASA 5500-X, PIX, and...
High
Unreviewed
CVE-2016-6367
was published
May 17, 2022
The D-Link DIR-645 Wired/Wireless Router Rev. Ax with firmware 1.04b12 and earlier allows remote...
High
Unreviewed
CVE-2015-2051
was published
May 17, 2022
Shell Injection vulnerability GL.iNet A1300 v4.4.6, AX1800 v4.4.6, AXT1800 v4.4.6, MT3000 v4.4.6,...
High
Unreviewed
CVE-2023-50445
was published
Dec 28, 2023
Authenticated command injection vulnerabilities exist in the ArubaOS command line interface....
High
Unreviewed
CVE-2024-25611
was published
Mar 5, 2024
Authenticated command injection vulnerabilities exist in the ArubaOS command line interface....
High
Unreviewed
CVE-2024-1356
was published
Mar 5, 2024
Authenticated command injection vulnerabilities exist in the ArubaOS command line interface....
High
Unreviewed
CVE-2024-25612
was published
Mar 5, 2024
Authenticated command injection vulnerabilities exist in the ArubaOS command line interface....
High
Unreviewed
CVE-2024-25613
was published
Mar 5, 2024
Tenda F1202 v1.2.0.20(408) has a command injection vulnerablility in the formWriteFacMac function...
High
Unreviewed
CVE-2024-30637
was published
Mar 29, 2024
VMware SD-WAN Edge contains an unauthenticated command injection vulnerability potentially...
High
Unreviewed
CVE-2024-22246
was published
Apr 2, 2024
Tenda AC7V1.0 v15.03.06.44 firmware contains a command injection vulnerablility in formexeCommand...
High
Unreviewed
CVE-2024-32281
was published
Apr 17, 2024
Tenda FH1203 V2.0.1.6 firmware has a command injection vulnerablility in formexeCommand function...
High
Unreviewed
CVE-2024-32283
was published
Apr 17, 2024
Tenda W30E v1.0 V1.0.1.25(633) firmware contains a command injection vulnerablility in the...
High
Unreviewed
CVE-2024-32292
was published
Apr 17, 2024
A Heap Overflow vulnerability in WLInfoRailService component of Ivanti Avalanche before 6.4.3...
High
Unreviewed
CVE-2024-22061
was published
Apr 19, 2024
Tenda AC500 V2.0.1.9(1307) firmware contains a command injection vulnerablility in the...
Low
Unreviewed
CVE-2024-32314
was published
Apr 17, 2024
CSV Injection vulnerability in the Asus RT-N12+ router allows administrator users to inject...
Moderate
Unreviewed
CVE-2024-28328
was published
Apr 26, 2024
D-Link DIR-822+ V1.0.5 was found to contain a command injection in SetPlcNetworkpwd function of...
High
Unreviewed
CVE-2024-33342
was published
Apr 26, 2024
D-Link DIR-822+ V1.0.5 was found to contain a command injection in ftext function of...
Critical
Unreviewed
CVE-2024-33344
was published
Apr 26, 2024
TRENDnet TEW-815DAP 1.0.2.0 is vulnerable to Command Injection via the do_setNTP function. An...
Moderate
Unreviewed
CVE-2024-22546
was published
Apr 30, 2024
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability via the ipurl...
Critical
Unreviewed
CVE-2024-33789
was published
May 3, 2024
ProTip!
Advisories are also available from the
GraphQL API