Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,205 advisories

Loading
An authenticated user can execute arbitrary command in Gerapy High
CVE-2021-32849 was published for gerapy (pip) Jan 6, 2022
Donfig Command Injection in collect_yaml method Critical
CVE-2019-7537 was published for donfig (pip) May 14, 2022
A Command Injection vulnerability found in a Self-Hosted UniFi Network Servers (Linux) with UniFi... High Unreviewed
CVE-2024-42025 was published Sep 13, 2024
Improper Input Validation vulnerability in ABB Ltd. ASPECT®-Enterprise on ASPECT®-Enterprise,... Critical Unreviewed
CVE-2023-0636 was published Jul 6, 2023
Starship vulnerable to shell injection via undocumented, unpredictable shell expansion in custom commands High
CVE-2024-41815 was published for starship (Rust) Jul 26, 2024
evanbattaglia
Brocade Fabric OS before Brocade Fabric OS v9.1.1c, v9.2.0 contains a vulnerability when using... Moderate Unreviewed
CVE-2023-31429 was published Aug 1, 2023
TELSAT marKoni FM Transmitters are vulnerable to a command injection vulnerability through the... Critical Unreviewed
CVE-2024-39373 was published Jun 27, 2024
There is a command injection vulnerability that may allow an attacker to inject malicious input... High Unreviewed
CVE-2024-45682 was published Sep 17, 2024
An OS command injection vulnerability has been reported to affect several QNAP operating system... High Unreviewed
CVE-2024-38641 was published Sep 6, 2024
LoLLMS Command Injection vulnerability High
CVE-2024-4078 was published for lollms (pip) May 16, 2024
Tenda FH451 v1.0.0.9 has a command injection vulnerability in the formexeCommand function i High Unreviewed
CVE-2024-46048 was published Sep 13, 2024
COMFAST CF-XR11 V2.7.2 has a command injection vulnerability in function sub_424CB4. Attackers... Critical Unreviewed
CVE-2024-44466 was published Sep 11, 2024
Improper Input Validation vulnerability in Hillstone Networks Hillstone Networks Web Application... Critical Unreviewed
CVE-2024-8073 was published Aug 26, 2024
An issue has been discovered in GitLab EE affecting all versions starting from 16.11 prior to 17... High Unreviewed
CVE-2024-8640 was published Sep 12, 2024
TOTOLINK EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command... Critical Unreviewed
CVE-2023-51014 was published Dec 22, 2023
Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were... Critical Unreviewed
CVE-2022-27005 was published Mar 17, 2022
TOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to an unauthorized arbitrary command... Critical Unreviewed
CVE-2023-51025 was published Dec 22, 2023
CVE-2024-45824 IMPACT A remote code vulnerability exists in the affected products. The... Critical Unreviewed
CVE-2024-45824 was published Sep 12, 2024
Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were... Critical Unreviewed
CVE-2022-27004 was published Mar 17, 2022
Totolink routers s X5000R V9.1.0u.6118_B20201102 and A7000R V9.1.0u.6115_B20201022 were... Critical Unreviewed
CVE-2022-27003 was published Mar 17, 2022
RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a command injection vulnerability via the... High Unreviewed
CVE-2024-44572 was published Sep 11, 2024
RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a code injection vulnerability via the... High Unreviewed
CVE-2024-44570 was published Sep 11, 2024
RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a command injection vulnerability via the... High Unreviewed
CVE-2024-44574 was published Sep 11, 2024
RELY-PCIe v22.2.1 to v23.1.0 was discovered to contain a command injection vulnerability via the... High Unreviewed
CVE-2024-44577 was published Sep 11, 2024
Remote code execution (RCE) in Apache Airflow High
CVE-2020-11978 was published for apache-airflow (pip) Jul 27, 2020
sunSUNQ
ProTip! Advisories are also available from the GraphQL API