GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,883 advisories
Dell PowerProtect DD, versions prior to 8.0, LTS 7.13.1.0, LTS 7.10.1.30, LTS 7.7.5.40 contain an...
High | Unreviewed | CVE-2024-37140 was published Jun 26, 2024

A command injection vulnerability exists in the mudler/localai version 2.14.0. The vulnerability...
Critical | Unreviewed | CVE-2024-5181 was published Jun 26, 2024

The CRUDDIY project is vulnerable to shell command injection via sending a crafted POST request...
High | Unreviewed | CVE-2024-4748 was published Jun 24, 2024

A vulnerability has been found in Ruijie RG-UAC 1.0 and classified as critical. This...
Moderate | Unreviewed | CVE-2024-6187 was published Jun 20, 2024

A vulnerability, which was classified as critical, was found in Ruijie RG-UAC 1.0. This affects...
Moderate | Unreviewed | CVE-2024-6186 was published Jun 20, 2024

A vulnerability classified as critical was found in Ruijie RG-UAC 1.0. Affected by this...
Moderate | Unreviewed | CVE-2024-6184 was published Jun 20, 2024

A vulnerability, which was classified as critical, has been found in Ruijie RG-UAC 1.0. Affected...
Moderate | Unreviewed | CVE-2024-6185 was published Jun 20, 2024

Openfind's MailGates and MailAudit fail to properly filter user input when analyzing email...
Critical | Unreviewed | CVE-2024-6048 was published Jun 17, 2024

Certain EOL GeoVision devices fail to properly filter user input for the specific functionality....
Critical | Unreviewed | CVE-2024-6047 was published Jun 17, 2024

SECOM WRTR-304GN-304TW-UPSC V02(unsupported-when-assigned) does not properly filter user input in...
Critical | Unreviewed | CVE-2024-6046 was published Jun 17, 2024

The specific function parameter of ASUS Download Master does not properly filter user input. An...
High | Unreviewed | CVE-2024-31162 was published Jun 14, 2024

Remote Command program allows an attacker to get Remote Code Execution. As for the affected...
Critical | Unreviewed | CVE-2024-27172 was published Jun 14, 2024

A privilege escalation vulnerability was reported in Lenovo Service Bridge prior to version 5.0.2...
High | Unreviewed | CVE-2024-4696 was published Jun 13, 2024

Command injection vulnerability in Comtrend router WLD71-T1_v2.0.201820, affecting the GRG-4280us...
High | Unreviewed | CVE-2024-5785 was published Jun 10, 2024

System command injection through Netflow function due to improper input validation, allowing...
Unknown | Unreviewed | CVE-2024-35304 was published Jun 10, 2024

OS Command injection in Ajax PHP files via HTTP Request, allows to execute system commands by...
Unknown | Unreviewed | CVE-2024-35306 was published Jun 10, 2024

In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache...
Critical | Unreviewed | CVE-2024-4577 was published Jun 9, 2024

An OS command injection vulnerability exists in the MacOS Text-To-Speech class MacOSTTS of the...
High | Unreviewed | CVE-2024-1880 was published Jun 6, 2024

A vulnerability in the parisneo/lollms-webui version 9.3 allows attackers to bypass intended...
Critical | Unreviewed | CVE-2024-2359 was published Jun 6, 2024

AutoGPT, a component of significant-gravitas/autogpt, is vulnerable to an improper neutralization...
High | Unreviewed | CVE-2024-1881 was published Jun 6, 2024

A remote code execution vulnerability exists in mintplex-labs/anything-llm due to improper...
Critical | Unreviewed | CVE-2024-3104 was published Jun 6, 2024

A10 Thunder ADC CsrRequestView Command Injection Remote Code Execution Vulnerability. This...
High | Unreviewed | CVE-2024-30368 was published Jun 6, 2024

SysAid - CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command...
Critical | Unreviewed | CVE-2024-36394 was published Jun 6, 2024

Missing input validation and OS command integration of the input in the utnserver Pro, utnserver...
Unknown | Unreviewed | CVE-2024-5421 was published Jun 4, 2024

** UNSUPPORTED WHEN ASSIGNED ** The command injection vulnerability in the “setCookie” parameter...
Critical | Unreviewed | CVE-2024-29973 was published Jun 4, 2024

ProTip! Advisories are also available from the GraphQL API