GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 19,370
Composer 3,968
Erlang 29
GitHub Actions 16
Go 1,749
Maven 4,978
npm 3,509
NuGet 609
pip 3,084
Pub 10
RubyGems 832
Rust 782
Swift 34

Unreviewed advisories

All unreviewed 221,313

CC-BY-4.0 License

Language support

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

2,883 advisories

Filter by severity

Sort by

Least recently updated

Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain an... High Unreviewed

CVE-2024-37140 was published Jun 26, 2024

A command injection vulnerability exists in the mudler/localai version 2.14.0. The vulnerability... Critical Unreviewed

CVE-2024-5181 was published Jun 26, 2024

The CRUDDIY project is vulnerable to shell command injection via sending a crafted POST request... High Unreviewed

CVE-2024-4748 was published Jun 24, 2024

A vulnerability has been found in Ruijie RG-UAC 1.0 and classified as critical. This... Moderate Unreviewed

CVE-2024-6187 was published Jun 20, 2024

A vulnerability, which was classified as critical, was found in Ruijie RG-UAC 1.0. This affects... Moderate Unreviewed

CVE-2024-6186 was published Jun 20, 2024

A vulnerability classified as critical was found in Ruijie RG-UAC 1.0. Affected by this... Moderate Unreviewed

CVE-2024-6184 was published Jun 20, 2024

A vulnerability, which was classified as critical, has been found in Ruijie RG-UAC 1.0. Affected... Moderate Unreviewed

CVE-2024-6185 was published Jun 20, 2024

Openfind's MailGates and MailAudit fail to properly filter user input when analyzing email... Critical Unreviewed

CVE-2024-6048 was published Jun 17, 2024

Certain EOL GeoVision devices fail to properly filter user input for the specific functionality.... Critical Unreviewed

CVE-2024-6047 was published Jun 17, 2024

SECOM WRTR-304GN-304TW-UPSC V02(unsupported-when-assigned) does not properly filter user input in... Critical Unreviewed

CVE-2024-6046 was published Jun 17, 2024

The specific function parameter of ASUS Download Master does not properly filter user input. An... High Unreviewed

CVE-2024-31162 was published Jun 14, 2024

Remote Command program allows an attacker to get Remote Code Execution. As for the affected... Critical Unreviewed

CVE-2024-27172 was published Jun 14, 2024

A privilege escalation vulnerability was reported in Lenovo Service Bridge prior to version 5.0.2... High Unreviewed

CVE-2024-4696 was published Jun 13, 2024

Command injection vulnerability in Comtrend router WLD71-T1_v2.0.201820, affecting the GRG-4280us... High Unreviewed

CVE-2024-5785 was published Jun 10, 2024

System command injection through Netflow function due to improper input validation, allowing... Unknown Unreviewed

CVE-2024-35304 was published Jun 10, 2024

OS Command injection in Ajax PHP files via HTTP Request, allows to execute system commands by... Unknown Unreviewed

CVE-2024-35306 was published Jun 10, 2024

In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache... Critical Unreviewed

CVE-2024-4577 was published Jun 9, 2024

An OS command injection vulnerability exists in the MacOS Text-To-Speech class MacOSTTS of the... High Unreviewed

CVE-2024-1880 was published Jun 6, 2024

A vulnerability in the parisneo/lollms-webui version 9.3 allows attackers to bypass intended... Critical Unreviewed

CVE-2024-2359 was published Jun 6, 2024

AutoGPT, a component of significant-gravitas/autogpt, is vulnerable to an improper neutralization... High Unreviewed

CVE-2024-1881 was published Jun 6, 2024

A remote code execution vulnerability exists in mintplex-labs/anything-llm due to improper... Critical Unreviewed

CVE-2024-3104 was published Jun 6, 2024

A10 Thunder ADC CsrRequestView Command Injection Remote Code Execution Vulnerability. This... High Unreviewed

CVE-2024-30368 was published Jun 6, 2024

SysAid - CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command... Critical Unreviewed

CVE-2024-36394 was published Jun 6, 2024

Missing input validation and OS command integration of the input in the utnserver Pro, utnserver... Unknown Unreviewed

CVE-2024-5421 was published Jun 4, 2024

** UNSUPPORTED WHEN ASSIGNED ** The command injection vulnerability in the “setCookie” parameter... Critical Unreviewed

CVE-2024-29973 was published Jun 4, 2024

Previous 1 2 3 4 5 … 115 116 Next

ProTip! Advisories are also available from the GraphQL API

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,883 advisories