Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

809 advisories

Loading
NETIS SYSTEMS MW5360 V1.0.1.3031 was discovered to contain a command injection vulnerability via... Critical Unreviewed
CVE-2024-22729 was published Jan 25, 2024
Command Injection vulnerability in Mathtex v.1.05 and before allows a remote attacker to execute... Critical Unreviewed
CVE-2023-51887 was published Jan 24, 2024
An issue discovered in TOTOLINK X6000R v9.4.0cu.852_B20230719 allows attackers to run arbitrary... Critical Unreviewed
CVE-2023-52040 was published Jan 24, 2024
There is a command injection vulnerability in the ssdpcgi_main function of cgibin binary in D... Critical Unreviewed
CVE-2024-22651 was published Jan 24, 2024
An issue discovered in TOTOLINK X6000R v9.4.0cu.852_B20230719 allows attackers to run arbitrary... Critical Unreviewed
CVE-2023-52038 was published Jan 24, 2024
An issue discovered in TOTOLINK X6000R v9.4.0cu.852_B20230719 allows attackers to run arbitrary... Critical Unreviewed
CVE-2023-52039 was published Jan 24, 2024
TOTOLINK_A3700R_V9.1.2u.6165_20211012has a command Injection vulnerability via setOpModeCfg Critical Unreviewed
CVE-2024-22663 was published Jan 23, 2024
An issue discovered in sub_4117F8 function in TOTOLINK X6000R V9.4.0cu.852_B20230719 allows... Critical Unreviewed
CVE-2023-52042 was published Jan 17, 2024
A command injection vulnerability in web components of Ivanti Connect Secure (9.x, 22.x) and... Critical Unreviewed
CVE-2024-21887 was published Jan 12, 2024
TOTOlink A3700R v9.1.2u.5822_B20200513 was discovered to contain a remote command execution (RCE)... Critical Unreviewed
CVE-2023-52027 was published Jan 11, 2024
Command injection vulnerability in /usr/www/res.php in FLIR AX8 up to 1.46.16 allows attackers to... Critical Unreviewed
CVE-2023-51126 was published Jan 10, 2024
Tenda AX1803 v1.0.0.1 was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2023-51972 was published Jan 10, 2024
An issue was discovered on TRENDnet TV-IP1314PI 5.5.3 200714 devices. Command injection can occur... Critical Unreviewed
CVE-2023-49237 was published Jan 9, 2024
TOTOlink EX1800T v9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command... Critical Unreviewed
CVE-2023-51016 was published Dec 22, 2023
TOTOLINK EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command... Critical Unreviewed
CVE-2023-51014 was published Dec 22, 2023
TOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to an unauthorized arbitrary command... Critical Unreviewed
CVE-2023-51025 was published Dec 22, 2023
MotionPro in Array ArrayOS AG before 9.4.0.505 on AG and vxAG allows remote command execution via... Critical Unreviewed
CVE-2023-51707 was published Dec 22, 2023
Tenda i29 v1.0 V1.0.0.5 was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2023-50983 was published Dec 21, 2023
Tenda i29 v1.0 V1.0.0.5 was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2023-50989 was published Dec 21, 2023
A Command Injection vulnerability exists in NETGEAR WNR2000v4 version 1.0.0.70. When using HTTP... Critical Unreviewed
CVE-2023-50089 was published Dec 15, 2023
MajorDoMo (aka Major Domestic Module) before 0662e5e allows command execution via thumb.php shell... Critical Unreviewed
CVE-2023-50917 was published Dec 15, 2023
NETSCOUT nGeniusPULSE 3.8 has a Command Injection Vulnerability. Critical Unreviewed
CVE-2023-40301 was published Dec 7, 2023
Tenda AX9 V22.03.01.46 has been discovered to contain a command injection vulnerability in the ... Critical Unreviewed
CVE-2023-49436 was published Dec 7, 2023
Tenda AX9 V22.03.01.46 is vulnerable to command injection. Critical Unreviewed
CVE-2023-49435 was published Dec 7, 2023
Tenda AX9 V22.03.01.46 has been discovered to contain a command injection vulnerability in the ... Critical Unreviewed
CVE-2023-49431 was published Dec 7, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database