Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,293
Erlang
31
GitHub Actions
21
Go
2,061
Maven
5,000+
npm
3,744
NuGet
668
pip
3,423
Pub
12
RubyGems
892
Rust
875
Swift
36
Unreviewed advisories
All unreviewed
5,000+

1,975 advisories

Loading
A command execution vulnerability exists in the AX2 Pro home router produced by Shenzhen Tenda... High Unreviewed
CVE-2024-48459 was published Oct 25, 2024
EnGenius ENH1350EXT A8J-ENH1350EXT devices through 3.9.3.2_c1.9.51 allow (blind) OS Command... High Unreviewed
CVE-2024-45242 was published Oct 24, 2024
OS Command Injection in Snyk gradle plugin High
CVE-2024-48964 was published for snyk-gradle-plugin (npm) Oct 23, 2024
OS Command Injection in Snyk php plugin High
CVE-2024-48963 was published for snyk-php-plugin (npm) Oct 23, 2024
Administrative Management System from Wellchoose has an OS Command Injection vulnerability,... High Unreviewed
CVE-2024-10202 was published Oct 21, 2024
D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain multiple command... High Unreviewed
CVE-2024-48633 was published Oct 17, 2024
D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain a command... High Unreviewed
CVE-2024-48631 was published Oct 17, 2024
D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain a command... High Unreviewed
CVE-2024-48634 was published Oct 17, 2024
D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain a command... High Unreviewed
CVE-2024-48635 was published Oct 17, 2024
D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain a command... High Unreviewed
CVE-2024-48638 was published Oct 17, 2024
D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain a command... High Unreviewed
CVE-2024-48629 was published Oct 17, 2024
D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain a command... High Unreviewed
CVE-2024-48630 was published Oct 17, 2024
D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain a command... High Unreviewed
CVE-2024-48636 was published Oct 17, 2024
D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain a command... High Unreviewed
CVE-2024-48637 was published Oct 17, 2024
D-Link DIR_882_FW130B06 and DIR_878 DIR_878_FW130B08 were discovered to contain multiple command... High Unreviewed
CVE-2024-48632 was published Oct 17, 2024
A vulnerability in the web-based management interface of Cisco ATA 190 Series Analog Telephone... High Unreviewed
CVE-2024-20458 was published Oct 16, 2024
The affected product permits OS command injection through improperly restricted commands,... High Unreviewed
CVE-2024-9139 was published Oct 14, 2024
DrayTek Vigor3900 v1.5.1.6 was discovered to contain a command injection vulnerability via the... High Unreviewed
CVE-2024-46316 was published Oct 9, 2024
On Windows platforms, a "best fit" character encoding conversion of command line arguments to... High Unreviewed
CVE-2024-45720 was published Oct 9, 2024
An OS command injection vulnerability in the admin web console of Ivanti CSA before version 5.0.2... High Unreviewed
CVE-2024-9380 was published Oct 8, 2024
A command injection vulnerability exists in Motorola CX2L router v1.0.2 and below. The... High Unreviewed
CVE-2024-45880 was published Oct 8, 2024
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'),... High Unreviewed
CVE-2024-9054 was published Oct 4, 2024
TP-LINK TL-WDR5620 v2.3 was discovered to contain a remote code execution (RCE) vulnerability via... High Unreviewed
CVE-2024-46486 was published Oct 4, 2024
@saltcorn/plugins-loader unsanitized plugin name leads to a remote code execution (RCE) vulnerability when creating plugins using git source High
GHSA-fm76-w8jw-xf8m was published for @saltcorn/plugins-loader (npm) Oct 3, 2024
dellalibera
Syrotech SY-GOPON-8OLT-L3 v1.6.0_240629 was discovered to contain an authenticated command... High Unreviewed
CVE-2024-46658 was published Oct 3, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database