GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
917 advisories
Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a command injection vulnerability via the...
Critical | Unreviewed | CVE-2023-51098 was published Dec 26, 2023
Tenda W9 V1.0.0.7(4456)_CN was discovered to contain a command injection vulnerability via the...
Critical | Unreviewed | CVE-2023-51099 was published Dec 26, 2023
TOTOLINK EX1200L V9.3.5u.6146_B20201023 is vulnerable to arbitrary command execution on the...
Critical | Unreviewed | CVE-2023-51035 was published Dec 22, 2023
TOTOlink EX1200L V9.3.5u.6146_B20201023 is vulnerable to arbitrary command execution via the...
Critical | Unreviewed | CVE-2023-51033 was published Dec 22, 2023
There is an arbitrary command execution vulnerability in the setDiagnosisCfg function of the...
Critical | Unreviewed | CVE-2023-50147 was published Dec 22, 2023
TOTOLINK EX1800T 9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command execution...
Critical | Unreviewed | CVE-2023-51028 was published Dec 22, 2023
Ruijie WS6008 v1.x v2.x AC_RGOS11.9(6)W3B2_G2C6-01_10221911 and WS6108 v1.x AC_RGOS11.9(6...
Critical | Unreviewed | CVE-2023-50993 was published Dec 21, 2023
Pedroetb TTS-API OS Command Injection
Critical | CVE-2019-25158 was published for tts-api (npm) Dec 19, 2023
In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has...
Critical | Unreviewed | CVE-2023-51385 was published Dec 18, 2023
Dasan Networks - W-Web versions 1.22-1.27 - CWE-78: Improper Neutralization of Special Elements...
Critical | Unreviewed | CVE-2023-42495 was published Dec 13, 2023
In GL.iNET GL-AR300M routers with firmware v4.3.7, it is possible to inject arbitrary shell...
Critical | Unreviewed | CVE-2023-46454 was published Dec 12, 2023
An OS Command Injection in the CLI interface on DrayTek Vigor167 version 5.2.2, allows remote...
Critical | Unreviewed | CVE-2023-47254 was published Dec 9, 2023
In TOTOLINK X6000R_Firmware V9.4.0cu.852_B20230719, the shttpd file sub_417338 function obtains...
Critical | Unreviewed | CVE-2023-48800 was published Dec 4, 2023
In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file, sub_4119A0 function obtains fields...
Critical | Unreviewed | CVE-2023-48804 was published Nov 30, 2023
In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file, sub_4119A0 function obtains fields...
Critical | Unreviewed | CVE-2023-48808 was published Nov 30, 2023
In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file, sub_4119A0 function obtains fields...
Critical | Unreviewed | CVE-2023-48805 was published Nov 30, 2023
In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file, sub_4119A0 function obtains fields...
Critical | Unreviewed | CVE-2023-48810 was published Nov 30, 2023
In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file, sub_4119A0 function obtains fields...
Critical | Unreviewed | CVE-2023-48811 was published Nov 30, 2023
In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file, sub_4119A0 function obtains fields...
Critical | Unreviewed | CVE-2023-48807 was published Nov 30, 2023
In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file sub_4119A0 function obtains fields...
Critical | Unreviewed | CVE-2023-48812 was published Nov 30, 2023
In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file, sub_4119A0 function obtains fields...
Critical | Unreviewed | CVE-2023-48806 was published Nov 30, 2023
In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file, sub_4119A0 function obtains fields...
Critical | Unreviewed | CVE-2023-48803 was published Nov 30, 2023
In TOTOLINK X6000R V9.4.0cu.852_B20230719, the shttpd file, sub_4119A0 function obtains fields...
Critical | Unreviewed | CVE-2023-48802 was published Nov 30, 2023
An OS Command injection vulnerability in NEC Platforms DT900 and DT900S Series all versions...
Critical | Unreviewed | CVE-2023-3741 was published Nov 30, 2023
A command injection vulnerability in the web server of the Zyxel NAS326 firmware version V5.21...
Critical | Unreviewed | CVE-2023-4473 was published Nov 30, 2023
ProTip! Advisories are also available from the GraphQL API.