Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,205 advisories

Loading
A post-authentication remote command injection vulnerability in a CGI file in Western Digital My... High Unreviewed
CVE-2023-22816 was published Jul 1, 2023
Post-authentication remote command injection vulnerabilities in Western Digital My Cloud OS 5... Moderate Unreviewed
CVE-2023-22815 was published Jul 1, 2023
Qualitor through 8.20 allows remote attackers to execute arbitrary code via PHP code in the html... Critical Unreviewed
CVE-2023-47253 was published Nov 6, 2023
Zentao v18.0 to v18.10 was discovered to contain a remote code execution (RCE) vulnerability via... Critical Unreviewed
CVE-2024-24216 was published Feb 8, 2024
Distrobox before 1.7.0.1 allows attackers to execute arbitrary code via command injection into... Critical Unreviewed
CVE-2024-29864 was published Mar 21, 2024
Ansible fails to properly sanitize fact variables sent from the Ansible controller Critical
CVE-2016-8628 was published for ansible (pip) Oct 10, 2018
WAYOS FBM-291W v19.09.11 is vulnerable to Command Execution via msp_info_htm. High Unreviewed
CVE-2024-44383 was published Sep 4, 2024
Commands can be injected over the network and executed without authentication. High Unreviewed
CVE-2024-7029 was published Aug 2, 2024
An issue discovered in sub_4117F8 function in TOTOLINK X6000R V9.4.0cu.852_B20230719 allows... Critical Unreviewed
CVE-2023-52042 was published Jan 17, 2024
Vulnerability in admin_ip.php in Seacms v13.1, when action=set, allows attackers to control IP... High Unreviewed
CVE-2024-44916 was published Aug 30, 2024
Command Injection vulnerability in D-Link Dir 816 with firmware version DIR-816_A2_v1.10CNB04... Critical Unreviewed
CVE-2023-24331 was published Feb 21, 2024
An issue in idocv v.14.1.3_20231228 allows a remote attacker to execute arbitrary code and obtain... High Unreviewed
CVE-2024-24377 was published Feb 16, 2024
In Indo-Sol PROFINET-INspektor NT through 2.4.0, a command injection vulnerability in the... Critical Unreviewed
CVE-2023-49959 was published Feb 26, 2024
A vulnerability classified as critical was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320,... Moderate Unreviewed
CVE-2024-8214 was published Aug 27, 2024
A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW,... Moderate Unreviewed
CVE-2024-8211 was published Aug 27, 2024
A vulnerability classified as critical has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS... Moderate Unreviewed
CVE-2024-8213 was published Aug 27, 2024
A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW,... Moderate Unreviewed
CVE-2024-8210 was published Aug 27, 2024
FitNesse allows execution of arbitrary OS commands Critical
CVE-2024-28125 was published for org.fitnesse:fitnesse (Maven) Mar 18, 2024
Beijing Digital China Cloud Technology Co., Ltd. DCME-320 v.7.4.12.60 has a command execution... Critical Unreviewed
CVE-2024-42905 was published Aug 28, 2024
An issue discovered in Alldata v0.4.6 allows attacker to run arbitrary commands via the processId... Moderate Unreviewed
CVE-2024-29435 was published Apr 1, 2024
An issue in TRENDnet TEW-822DRE v.1.03B02 allows a local attacker to execute arbitrary code via... Moderate Unreviewed
CVE-2023-51835 was published Feb 29, 2024
TYPO3 Install Tool vulnerable to Code Execution High
CVE-2024-22188 was published for typo3/cms-core (Composer) Feb 13, 2024
bnf
TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a remote code execution (RCE)... High Unreviewed
CVE-2024-31811 was published Apr 8, 2024
A vulnerability identified in Advance Authentication that allows bash command Injection in... Moderate Unreviewed
CVE-2021-38120 was published Aug 28, 2024
There is a command injection vulnerability in the TRENDnet TEW-827DRU router with firmware... High Unreviewed
CVE-2024-28353 was published Mar 15, 2024
ProTip! Advisories are also available from the GraphQL API