GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,293
Erlang: 31
GitHub Actions: 21
Go: 2,061
Maven: 5,000+
npm: 3,744
NuGet: 668
pip: 3,423
Pub: 12
RubyGems: 892
Rust: 875
Swift: 36
Unreviewed advisories
All unreviewed: 5,000+
978 advisories
The improper neutralization of special elements in the parameter "host" in the CGI program of...
Critical | Unreviewed | CVE-2024-7261 was published Sep 3, 2024
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability...
Critical | Unreviewed | CVE-2024-21878 was published Aug 12, 2024
Command injection vulnerability in Asus RT-N15U 3.0.0.4.376_3754 allows a remote attacker to...
Critical | Unreviewed | CVE-2024-42757 was published Aug 15, 2024
An issue in Infotel Conseil GLPI v.10.X.X and after allows a remote attacker to execute arbitrary...
Critical | Unreviewed | CVE-2024-31705 was published Apr 29, 2024
Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows...
Critical | Unreviewed | CVE-2024-23789 was published Aug 14, 2024
NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote...
Critical | Unreviewed | CVE-2023-43208 was published Oct 26, 2023
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')...
Critical | Unreviewed | CVE-2024-6917 was published Aug 12, 2024
The function "generate_app_certificates" in controllers/saml2/saml2.js of FIWARE Keyrock <= 8.4...
Critical | Unreviewed | CVE-2024-42167 was published Aug 12, 2024
The function "generate_app_certificates" in lib/app_certificates.js of FIWARE Keyrock <= 8.4 does...
Critical | Unreviewed | CVE-2024-42166 was published Aug 12, 2024
Remote Code Execution due to Full Controled File Write in mlflow
Critical | CVE-2023-6018 was published for mlflow (pip) Nov 16, 2023
GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000...
Critical | Unreviewed | CVE-2024-39228 was published Aug 6, 2024
OS command injection vulnerability exists in ffBull ver.4.11, which may allow a remote...
Critical | Unreviewed | CVE-2024-28048 was published Mar 26, 2024
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly...
Critical | Unreviewed | CVE-2024-38887 was published Aug 2, 2024
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly...
Critical | Unreviewed | CVE-2024-38882 was published Aug 2, 2024
LocalAI Command Injection in audioToWav
Critical | CVE-2024-2029 was published for github.com/go-skynet/LocalAI (Go) Apr 10, 2024
Tenda FH1201 v1.2.0.14 was discovered to contain a command injection vulnerability via the...
Critical | Unreviewed | CVE-2024-41468 was published Jul 26, 2024
FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. allow a...
Critical | Unreviewed | CVE-2024-36491 was published Jul 17, 2024
Improper Neutralization of Special Elements used in an OS Command vulnerability in NEC...
Critical | Unreviewed | CVE-2024-28015 was published Mar 28, 2024
Liferay Portal 6.2.5 allows Command=FileUpload&Type=File&CurrentFolder=/ requests when frmfolders...
Critical | Unreviewed | CVE-2021-33990 was published Apr 16, 2023
An issue was found on the Ruijie EG-2000 series gateway. There is a newcli.php API interface...
Critical | Unreviewed | CVE-2019-16639 was published Jul 16, 2024
An issue was discovered in Svakom Siime Eye 14.1.00000001.3.330.0.0.3.14. A command injection...
Critical | Unreviewed | CVE-2020-11920 was published May 24, 2022
The web services of Softnext's products, Mail SQR Expert and Mail Archiving Expert do not...
Critical | Unreviewed | CVE-2024-5670 was published Jul 29, 2024
Remote Code execution vulnerability in Micro Focus Operation Bridge Reporter (OBR) product,...
Critical | Unreviewed | CVE-2021-22502 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow...
Critical | Unreviewed | CVE-2021-1498 was published May 24, 2022
Multiple vulnerabilities in the web-based management interface of Cisco HyperFlex HX could allow...
Critical | Unreviewed | CVE-2021-1497 was published May 24, 2022