Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,928 advisories

Loading
An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518... High Unreviewed
CVE-2024-8190 was published Sep 10, 2024
An attacker with authenticated access to VICIdial as an "agent" can execute arbitrary shell... High Unreviewed
CVE-2024-8504 was published Sep 10, 2024
A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due... High Unreviewed
CVE-2024-43386 was published Sep 10, 2024
An low privileged remote attacker can execute OS commands with root privileges due to improper... High Unreviewed
CVE-2024-7699 was published Sep 10, 2024
A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due... High Unreviewed
CVE-2024-43385 was published Sep 10, 2024
A low privileged remote attacker can read and write files as root due to improper neutralization... High Unreviewed
CVE-2024-43387 was published Sep 10, 2024
D-Link DI-7003GV2 v24.04.18D1, DI-7100G+V2 v24.04.18D1, DI-7100GV2 v24.04.18D1, DI-7200GV2 v24.04... High Unreviewed
CVE-2024-44333 was published Sep 9, 2024
DrayTek Vigor3900 v1.5.1.6 was discovered to contain an authenticated command injection... High Unreviewed
CVE-2024-44844 was published Sep 6, 2024
DrayTek Vigor3900 v1.5.1.6 was discovered to contain an authenticated command injection... High Unreviewed
CVE-2024-44845 was published Sep 6, 2024
An OS command injection vulnerability has been reported to affect legacy QTS. If exploited, the... High Unreviewed
CVE-2023-39300 was published Sep 6, 2024
An OS command injection vulnerability has been reported to affect several QNAP operating system... High Unreviewed
CVE-2024-21898 was published Sep 6, 2024
An OS command injection vulnerability has been reported to affect several QNAP operating system... High Unreviewed
CVE-2023-34974 was published Sep 6, 2024
A command injection vulnerability in the IPSec VPN feature of Zyxel ATP series firmware versions... High Unreviewed
CVE-2024-42057 was published Sep 3, 2024
A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from... High Unreviewed
CVE-2024-7203 was published Sep 3, 2024
A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from... High Unreviewed
CVE-2024-42060 was published Sep 3, 2024
A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from... High Unreviewed
CVE-2024-42059 was published Sep 3, 2024
** UNSUPPORTED WHEN ASSIGNED ** A command injection vulnerability in the functions formSysCmd(),... High Unreviewed
CVE-2024-8234 was published Aug 30, 2024
D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution (RCE)... High Unreviewed
CVE-2024-44341 was published Aug 27, 2024
D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution (RCE)... High Unreviewed
CVE-2024-41622 was published Aug 27, 2024
D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution (RCE)... High Unreviewed
CVE-2024-44342 was published Aug 27, 2024
D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution (RCE)... High Unreviewed
CVE-2024-44340 was published Aug 27, 2024
Magnet Forensics AXIOM Command Injection Remote Code Execution Vulnerability. This vulnerability... High Unreviewed
CVE-2024-7448 was published Aug 21, 2024
SSH authenticated user when access the PAM server can execute an OS command to gain the full... High Unreviewed
CVE-2020-11847 was published Aug 21, 2024
A Command Injection vulnerability exists in the do_upgrade_post function of the httpd binary in... High Unreviewed
CVE-2024-42633 was published Aug 19, 2024
Adobe Commerce versions 2.4.7-p1, 2.4.6-p6, 2.4.5-p8, 2.4.4-p9 and earlier are affected by an... High Unreviewed
CVE-2024-39402 was published Aug 14, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database