GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,912
Composer 5,067
Erlang 39
GitHub Actions 38
Go 2,717
Maven 6,143
npm 4,328
NuGet 761
pip 4,105
Pub 12
RubyGems 958
Rust 1,065
Swift 45

Unreviewed advisories

All unreviewed 278,989

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

918 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

An issue in Kasda LinkSmart Router KW5515 v1.7 and before allows an authenticated remote attacker... Critical Unreviewed

CVE-2024-33439 was published Nov 20, 2024

Multiple OS Command Injection vulnerabilities affecting Kasda KW6512 router software version... Critical Unreviewed

CVE-2024-29292 was published Nov 20, 2024

Improper neutralization of special elements used in a command ('Command Injection') vulnerability... Critical Unreviewed

CVE-2024-10443 was published Nov 15, 2024

An issue in DLink DWR 2000M 5G CPE With Wifi 6 Ax1800 and Dlink DWR 5G CPE DWR-2000M_1.34ME... Critical Unreviewed

CVE-2024-28729 was published Nov 13, 2024

Sublime Text 4 was discovered to contain a command injection vulnerability via the New Build... Critical Unreviewed

CVE-2024-25255 was published Nov 12, 2024

A vulnerability in the web-based management interface of Cisco Unified Industrial Wireless... Critical Unreviewed

CVE-2024-20418 was published Nov 6, 2024

Command injection vulnerability in the underlying CLI service could lead to unauthenticated... Critical Unreviewed

CVE-2024-42509 was published Nov 6, 2024

An issue in Lens Visual integration with Power BI v.4.0.0.3 allows a remote attacker to execute... Critical Unreviewed

CVE-2024-48746 was published Nov 6, 2024

DCME-320 v7.4.12.90 was discovered to contain a command injection vulnerability. Critical Unreviewed

CVE-2024-51115 was published Nov 6, 2024

Command injection vulnerability in the underlying CLI service could lead to unauthenticated... Critical Unreviewed

CVE-2024-47460 was published Nov 6, 2024

Improper Control of Generation of Code ('Code Injection') vulnerability in BG-TEK Informatics... Critical Unreviewed

CVE-2024-10035 was published Nov 4, 2024

DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and... Critical Unreviewed

CVE-2024-51260 was published Oct 31, 2024

DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and... Critical Unreviewed

CVE-2024-51255 was published Oct 31, 2024

DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and... Critical Unreviewed

CVE-2024-51259 was published Oct 31, 2024

getresetstatus in dns/views.py and ftp/views.py in CyberPanel (aka Cyber Panel) before 1c0c6cb... Critical Unreviewed

CVE-2024-51378 was published Oct 30, 2024

A prompt injection vulnerability in the chatbox of Fusion Chat Chat AI Assistant Ask Me Anything... Critical Unreviewed

CVE-2024-48144 was published Oct 24, 2024

A prompt injection vulnerability in the chatbox of Netangular Technologies ChatNet AI Version v1... Critical Unreviewed

CVE-2024-48145 was published Oct 24, 2024

An command injection vulnerability in Trend Micro Cloud Edge could allow a remote attacker to... Critical Unreviewed

CVE-2024-48904 was published Oct 22, 2024

A Command Injection vulnerability in Vilo 5 Mesh WiFi System <= 5.16.1.33 allows remote,... Critical Unreviewed

CVE-2024-40089 was published Oct 21, 2024

A vulnerability in NuPoint Messenger (NPM) of Mitel MiCollab through 9.8.0.33 allows an... Critical Unreviewed

CVE-2024-35285 was published Oct 21, 2024

An issue in DCME-320-L <=9.3.2.114 allows a remote attacker to execute arbitrary code via the... Critical Unreviewed

CVE-2024-48659 was published Oct 21, 2024

The `add_llm` function in `llm_app.py` in infiniflow/ragflow version 0.11.0 contains a remote... Critical Unreviewed

CVE-2024-10131 was published Oct 19, 2024

DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and... Critical Unreviewed

CVE-2024-48153 was published Oct 14, 2024

A vulnerability has been identified in Siemens SINEC Security Monitor (All versions < V4.9.0).... Critical Unreviewed

CVE-2024-47562 was published Oct 8, 2024

A vulnerability in the REST API and web UI of Cisco Nexus Dashboard Fabric Controller (NDFC)... Critical Unreviewed

CVE-2024-20432 was published Oct 2, 2024

Previous 1…5…37 Next

Previous 1 2 3 4 5 6 7 … 36 37 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

918 advisories