GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,277
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
3,329 advisories
Filter by severity
DrayTek Vigor3900 1.5.1.3 contains a post-authentication command injection vulnerability. This...
High
Unreviewed
CVE-2024-45891
was published
Nov 4, 2024
DrayTek Vigor3900 1.5.1.3 contains a post-authentication command injection vulnerability This...
High
Unreviewed
CVE-2024-45890
was published
Nov 4, 2024
DrayTek Vigor3900 1.5.1.3 contains a post-authentication command injection vulnerability. This...
High
Unreviewed
CVE-2024-45893
was published
Nov 4, 2024
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and...
High
Unreviewed
CVE-2024-51249
was published
Nov 4, 2024
DrayTek Vigor3900 1.5.1.3 contains a command injection vulnerability. This vulnerability occurs...
High
Unreviewed
CVE-2024-45882
was published
Nov 4, 2024
DrayTek Vigor3900 1.5.1.3 contains a post-authentication command injection vulnerability. This...
High
Unreviewed
CVE-2024-45889
was published
Nov 4, 2024
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and...
High
Unreviewed
CVE-2024-51253
was published
Nov 4, 2024
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and...
High
Unreviewed
CVE-2024-51246
was published
Nov 4, 2024
DrayTek Vigor3900 1.5.1.3 contains a command injection vulnerability. This vulnerability occurs...
High
Unreviewed
CVE-2024-45888
was published
Nov 4, 2024
DrayTek Vigor3900 1.5.1.3 contains a post-authentication command injection vulnerability. This...
High
Unreviewed
CVE-2024-45885
was published
Nov 4, 2024
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and...
High
Unreviewed
CVE-2024-51251
was published
Nov 4, 2024
DrayTek Vigor3900 1.5.1.3 contains a post-authentication command injection vulnerability. This...
High
Unreviewed
CVE-2024-45884
was published
Nov 4, 2024
DrayTek Vigor3900 1.5.1.3 contains a post-authentication command injection vulnerability. This...
High
Unreviewed
CVE-2024-45887
was published
Nov 4, 2024
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')...
Critical
Unreviewed
CVE-2024-51661
was published
Nov 4, 2024
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and...
High
Unreviewed
CVE-2024-51244
was published
Nov 1, 2024
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and...
High
Unreviewed
CVE-2024-51248
was published
Nov 1, 2024
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and...
High
Unreviewed
CVE-2024-51247
was published
Nov 1, 2024
In DrayTek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and...
High
Unreviewed
CVE-2024-51245
was published
Nov 1, 2024
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and...
High
Unreviewed
CVE-2024-51252
was published
Nov 1, 2024
IDExpert from CHANGING Information Technology does not properly validate a specific parameter in...
Critical
Unreviewed
CVE-2024-10653
was published
Nov 1, 2024
Plenti arbitrary file write vulnerability
High
CVE-2024-49380
was published
for
github.com/plentico/plenti
(Go)
Oct 31, 2024
A local user with administrative access rights can enter specialy crafted values for settings at...
Moderate
Unreviewed
CVE-2024-8934
was published
Oct 31, 2024
EnGenius EnStation5-AC A8J-ENS500AC 1.0.0 devices allow blind OS command injection via shell...
High
Unreviewed
CVE-2024-36060
was published
Oct 30, 2024
CyberPanel (aka Cyber Panel) before 2.3.5 allows Command Injection via completePath in the...
Critical
Unreviewed
CVE-2024-51568
was published
Oct 30, 2024
getresetstatus in dns/views.py and ftp/views.py in CyberPanel (aka Cyber Panel) before 1c0c6cb...
Critical
Unreviewed
CVE-2024-51378
was published
Oct 30, 2024
ProTip!
Advisories are also available from the
GraphQL API