GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,740
Composer 4,239
Erlang 31
GitHub Actions 21
Go 2,007
Maven 5,196
npm 3,716
NuGet 662
pip 3,388
Pub 11
RubyGems 885
Rust 851
Swift 36

Unreviewed advisories

All unreviewed 235,784

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

805 advisories

Filter by severity

Sort by

Least recently updated

A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command... Critical Unreviewed

CVE-2024-50370 was published Nov 26, 2024

A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command... Critical Unreviewed

CVE-2024-50374 was published Nov 26, 2024

A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command... Critical Unreviewed

CVE-2024-50371 was published Nov 26, 2024

A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command... Critical Unreviewed

CVE-2024-50373 was published Nov 26, 2024

A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command... Critical Unreviewed

CVE-2024-50372 was published Nov 26, 2024

A CWE-306 "Missing Authentication for Critical Function" was discovered affecting the following... Critical Unreviewed

CVE-2024-50375 was published Nov 26, 2024

An OS Command Injection vulnerability exists within myPRO Manager. A parameter within a command... Critical Unreviewed

CVE-2024-52034 was published Nov 23, 2024

A parameter within a command does not properly validate input within myPRO Manager which could be... Critical Unreviewed

CVE-2024-47407 was published Nov 23, 2024

Cohesive Networks VNS3 Command Injection Remote Code Execution Vulnerability. This vulnerability... Critical Unreviewed

CVE-2024-8807 was published Nov 22, 2024

Cohesive Networks VNS3 Command Injection Remote Code Execution Vulnerability. This vulnerability... Critical Unreviewed

CVE-2024-8806 was published Nov 22, 2024

D-Link DI-8200 16.07.26A1 is vulnerable to remote command execution in the msp_info_htm function... Critical Unreviewed

CVE-2024-51151 was published Nov 22, 2024

A vulnerability in the web UI of Cisco IND could allow an authenticated, remote attacker to... Critical Unreviewed

CVE-2023-20036 was published Nov 15, 2024

Certain EOL GeoVision devices have an OS Command Injection vulnerability. Unauthenticated remote... Critical Unreviewed

CVE-2024-11120 was published Nov 15, 2024

A Python command injection vulnerability exists in the `SagemakerLLM` class's `complete()` method... Critical Unreviewed

CVE-2024-4343 was published Nov 14, 2024

Command injection in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure... Critical Unreviewed

CVE-2024-11005 was published Nov 12, 2024

Command injection in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure... Critical Unreviewed

CVE-2024-11006 was published Nov 12, 2024

Command injection in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure... Critical Unreviewed

CVE-2024-11007 was published Nov 12, 2024

EnGenius EWS356-FIT devices through 1.1.30 allow blind OS command injection. This allows an... Critical Unreviewed

CVE-2024-36061 was published Nov 11, 2024

A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected... Critical Unreviewed

CVE-2024-46890 was published Nov 12, 2024

A vulnerability was found in D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. It... Critical Unreviewed

CVE-2024-10915 was published Nov 6, 2024

The pwrstudio web application of EV Charger (in the server in Circontrol Raption through 5.6.2)... Critical Unreviewed

CVE-2020-8007 was published Nov 8, 2024

Dell Enterprise SONiC OS, version(s) 4.1.x, 4.2.x, contain(s) an Improper Neutralization of... Critical Unreviewed

CVE-2024-45763 was published Nov 8, 2024

Dell Enterprise SONiC OS, version(s) 4.1.x, 4.2.x, contain(s) an Improper Neutralization of... Critical Unreviewed

CVE-2024-45765 was published Nov 8, 2024

Waybox Enel X web management application could be used to execute arbitrary OS commands and... Critical Unreviewed

CVE-2023-29120 was published Nov 5, 2024

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... Critical Unreviewed

CVE-2024-51661 was published Nov 4, 2024

Previous 1 2 3 4 5 … 32 33 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

805 advisories