Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,991
Erlang
29
GitHub Actions
16
Go
1,779
Maven
5,000+
npm
3,544
NuGet
619
pip
3,134
Pub
10
RubyGems
838
Rust
793
Swift
34
Unreviewed advisories
All unreviewed
5,000+

2,931 advisories

Loading
Softaculous Webuzo contains a command injection vulnerability in the FTP management functionality... High Unreviewed
CVE-2024-24623 was published Jul 26, 2024
Softaculous Webuzo contains a command injection in the password reset functionality. A remote,... High Unreviewed
CVE-2024-24622 was published Jul 26, 2024
AdTran 834-5 HDC17600021F1 (SmartOS 11.1.1.1) devices enable the SSH service by default and have... High Unreviewed
CVE-2024-39345 was published Jul 24, 2024
A vulnerability was found in F-logic DataCube3 1.0. It has been declared as critical. Affected by... Moderate Unreviewed
CVE-2024-7066 was published Jul 24, 2024
A command injection vulnerability exists in Wyze V4 Pro firmware versions before 4.50.4.9222,... Moderate Unreviewed
CVE-2024-37066 was published Jul 19, 2024
Sliver Allows Authenticated Operator-to-Server Remote Code Execution High
CVE-2024-41111 was published for github.com/bishopfox/sliver (Go) Jul 18, 2024
hyperreality
Local privilege escalation due to OS command injection vulnerability. The following products are... High Unreviewed
CVE-2024-34013 was published Jul 18, 2024
projectdiscovery/nuclei allows unsigned code template execution through workflows High
CVE-2024-40641 was published for github.com/projectdiscovery/nuclei/v3 (Go) Jul 17, 2024
Ovi3
An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved... High Unreviewed
CVE-2024-39522 was published Jul 11, 2024
An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved... High Unreviewed
CVE-2024-39521 was published Jul 11, 2024
An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved... High Unreviewed
CVE-2024-39523 was published Jul 11, 2024
An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved... High Unreviewed
CVE-2024-39524 was published Jul 11, 2024
An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved... High Unreviewed
CVE-2024-39520 was published Jul 11, 2024
Insecure handling of POST header parameter body included in requests being sent to an instance of... High Unreviewed
CVE-2024-3799 was published Jul 10, 2024
A remote attacker with high privileges may use a deleting file function to inject OS commands. High Unreviewed
CVE-2024-28750 was published Jul 9, 2024
An high privileged remote attacker can enable telnet access that accepts hardcoded credentials.  Critical Unreviewed
CVE-2024-28751 was published Jul 9, 2024
A remote attacker with high privileges may use a reading file function to inject OS commands. High Unreviewed
CVE-2024-28748 was published Jul 9, 2024
A remote attacker with high privileges may use a writing file function to inject OS commands. High Unreviewed
CVE-2024-28749 was published Jul 9, 2024
Three os command injection vulnerabilities exist in the boa formWsc functionality of Realtek... High Unreviewed
CVE-2023-50381 was published Jul 8, 2024
Three os command injection vulnerabilities exist in the boa formWsc functionality of Realtek... High Unreviewed
CVE-2023-50383 was published Jul 8, 2024
Three os command injection vulnerabilities exist in the boa formWsc functionality of Realtek... High Unreviewed
CVE-2023-50382 was published Jul 8, 2024
rejetto HFS vulnerable to OS Command Execution by remote authenticated users Critical
CVE-2024-39943 was published for hfs (npm) Jul 5, 2024
A high privileged remote attacker can execute arbitrary system commands via GET requests due to... High Unreviewed
CVE-2024-5672 was published Jul 3, 2024
An os command injection vulnerability exists in the CWMP SelfDefinedTimeZone functionality of... High Unreviewed
CVE-2024-32937 was published Jul 3, 2024
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker... Moderate Unreviewed
CVE-2024-20399 was published Jul 1, 2024
ProTip! Advisories are also available from the GraphQL API