GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
2,293 advisories
Filter by severity
Wiz Code Visual Studio Code extension in versions 1.0.0 up to 1.5.3 and Wiz (legacy) Visual...
High
Unreviewed
CVE-2024-9145
was published
Oct 1, 2024
Command injection in LocalStack
Critical
CVE-2021-32090
was published
for
localstack
(pip)
Jun 18, 2021
Command injection and multiple stack-based buffer overflows vulnerabilities in the...
Critical
Unreviewed
CVE-2021-26731
was published
Oct 24, 2022
Command injection in libvcs and vcspull
Critical
CVE-2022-21187
was published
for
libvcs
(pip)
Mar 15, 2022
There is a command injection vulnerability that may allow an attacker to inject malicious input...
High
Unreviewed
CVE-2024-45682
was published
Sep 17, 2024
Monica AI Assistant desktop application v2.3.0 is vulnerable to Exposure of Sensitive Information...
Moderate
Unreviewed
CVE-2024-45989
was published
Sep 26, 2024
SAP NetWeaver Administrator AS Java (Administrator Log Viewer plug-in) - version 7.50, allows an...
Critical
Unreviewed
CVE-2024-22127
was published
Mar 12, 2024
Dell SmartFabric OS10 Software, versions 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contains an...
High
Unreviewed
CVE-2024-39577
was published
Sep 26, 2024
An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows...
Moderate
Unreviewed
CVE-2024-8405
was published
Sep 26, 2024
An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows...
Moderate
Unreviewed
CVE-2024-4712
was published
May 14, 2024
In Progress Telerik UI for WPF versions prior to 2024 Q3 (2024.3.924), a command injection attack...
High
Unreviewed
CVE-2024-7575
was published
Sep 25, 2024
In Progress Telerik UI for WinForms versions prior to 2024 Q3 (2024.3.924), a command injection...
High
Unreviewed
CVE-2024-7679
was published
Sep 25, 2024
Command injection vulnerabilities in the underlying CLI service could lead to unauthenticated...
Critical
Unreviewed
CVE-2024-42505
was published
Sep 25, 2024
Command injection vulnerabilities in the underlying CLI service could lead to unauthenticated...
Critical
Unreviewed
CVE-2024-42506
was published
Sep 25, 2024
Command injection vulnerabilities in the underlying CLI service could lead to unauthenticated...
Critical
Unreviewed
CVE-2024-42507
was published
Sep 25, 2024
A specially crafted POST request to the ProGauge MAGLINK LX CONSOLE IP
sub-menu can allow a...
Critical
Unreviewed
CVE-2024-45066
was published
Sep 25, 2024
A specially crafted POST request to the ProGauge MAGLINK LX CONSOLE
UTILITY sub-menu can allow a...
Critical
Unreviewed
CVE-2024-43693
was published
Sep 25, 2024
A10 Thunder ADC CsrRequestView Command Injection Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2024-30368
was published
Jun 6, 2024
json-logic-js Command Injection vulnerability
Critical
CVE-2021-4329
was published
for
json-logic-js
(npm)
Mar 5, 2023
A condition exists in FlashArray and FlashBlade Purity whereby a malicious user could execute...
Critical
Unreviewed
CVE-2024-0005
was published
Sep 23, 2024
Xiaomi Router AX9000 has a post-authorization command injection vulnerability. This vulnerability...
Moderate
Unreviewed
CVE-2024-45348
was published
Sep 23, 2024
An authenticated user can execute arbitrary command in Gerapy
High
CVE-2021-32849
was published
for
gerapy
(pip)
Jan 6, 2022
Donfig Command Injection in collect_yaml method
Critical
CVE-2019-7537
was published
for
donfig
(pip)
May 14, 2022
A Command Injection vulnerability found in a Self-Hosted UniFi Network Servers (Linux) with UniFi...
High
Unreviewed
CVE-2024-42025
was published
Sep 13, 2024
ProTip!
Advisories are also available from the
GraphQL API