GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
1,973 advisories
Filter by severity
Command injection when ingesting a remote Kaggle dataset due to a lack of input sanitization in...
High
Unreviewed
CVE-2024-6507
was published
Jul 4, 2024
A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command...
High
Unreviewed
CVE-2024-50366
was published
Nov 26, 2024
A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command...
High
Unreviewed
CVE-2024-50360
was published
Nov 26, 2024
A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command...
High
Unreviewed
CVE-2024-50362
was published
Nov 26, 2024
A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command...
High
Unreviewed
CVE-2024-50368
was published
Nov 26, 2024
A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command...
High
Unreviewed
CVE-2024-50361
was published
Nov 26, 2024
A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command...
High
Unreviewed
CVE-2024-50359
was published
Nov 26, 2024
A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command...
High
Unreviewed
CVE-2024-50363
was published
Nov 26, 2024
A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command...
High
Unreviewed
CVE-2024-50367
was published
Nov 26, 2024
A CWE-79 "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"...
High
Unreviewed
CVE-2024-50376
was published
Nov 26, 2024
A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command...
High
Unreviewed
CVE-2024-50364
was published
Nov 26, 2024
A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command...
High
Unreviewed
CVE-2024-50365
was published
Nov 26, 2024
A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command...
High
Unreviewed
CVE-2024-50369
was published
Nov 26, 2024
The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for...
High
Unreviewed
CVE-2024-9461
was published
Nov 26, 2024
virtualenv before 20.26.6 allows command injection through the activation scripts for a virtual...
High
Unreviewed
CVE-2024-53899
was published
Nov 24, 2024
An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518...
High
Unreviewed
CVE-2024-8190
was published
Sep 10, 2024
Certain models of routers from Billion Electric has an OS Command Injection vulnerability,...
High
Unreviewed
CVE-2024-11983
was published
Nov 29, 2024
EnGenius EWS356-FIR 1.1.30 and earlier devices allow a remote attacker to execute arbitrary OS...
High
Unreviewed
CVE-2024-31976
was published
Nov 27, 2024
A post-authentication command injection vulnerability in the "host" parameter of the diagnostic...
High
Unreviewed
CVE-2024-9200
was published
Dec 3, 2024
Qualys discovered that needrestart, before version 3.8, passes unsanitized data to a library ...
High
Unreviewed
CVE-2024-11003
was published
Nov 19, 2024
An arbitrary file download vulnerability in the component /Doc/DownloadFile of NUS-M9 ERP...
High
Unreviewed
CVE-2024-44759
was published
Nov 15, 2024
A reachable assertion in the ogs_nas_emm_decode function of Open5GS v2.7.0 allows attackers to...
High
Unreviewed
CVE-2024-24431
was published
Nov 15, 2024
An issue was discovered in Victure RX1800 WiFi 6 Router (software EN_V1.0.0_r12_110933, hardware...
High
Unreviewed
CVE-2024-53940
was published
Dec 3, 2024
An issue was discovered in Victure RX1800 WiFi 6 Router (software EN_V1.0.0_r12_110933, hardware...
High
Unreviewed
CVE-2024-53939
was published
Dec 3, 2024
Authenticated remote code execution (RCE) vulnerabilities affect TP-Link Archer, Deco, and Tapo...
High
Unreviewed
CVE-2024-53375
was published
Dec 3, 2024
ProTip!
Advisories are also available from the
GraphQL API