GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
917 advisories
A command injection vulnerability in the “show_zysync_server_contents” function of the Zyxel...
Critical · Unreviewed · CVE-2023-35138 was published Nov 30, 2023
A command injection vulnerability in the web server of the Zyxel NAS326 firmware version V5.21...
Critical · Unreviewed · CVE-2023-4473 was published Nov 30, 2023
Zumtobel Netlink CCD Onboard 3.74 - Firmware 3.80 was discovered to contain a command injection...
Critical · Unreviewed · CVE-2023-23325 was published Nov 29, 2023
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')...
Critical · Unreviewed · CVE-2023-6201 was published Nov 28, 2023
Command injection in `/main/webservices/additional_webservices.php` in Chamilo LMS <= v1.11.20...
Critical · Unreviewed · CVE-2023-3368 was published Nov 28, 2023
A vulnerability in the web-based management allows an unauthenticated remote attacker to inject...
Critical · Unreviewed · CVE-2023-4149 was published Nov 21, 2023
Versions of INEA ME RTU firmware 3.36b and prior are vulnerable to operating system (OS) command...
Critical · Unreviewed · CVE-2023-35762 was published Nov 20, 2023
Remote Code Execution due to Full Controlled File Write in mlflow
Critical · CVE-2023-6018 was published for mlflow (pip) Nov 16, 2023
Ray OS Command Injection vulnerability
Critical · CVE-2023-6019 was published for ray (pip) Nov 16, 2023
An improper neutralization of special elements used in an OS command ('OS command injection') in...
Critical · Unreviewed · CVE-2023-36553 was published Nov 14, 2023
An OS command injection vulnerability has been reported to affect several QNAP operating system...
Critical · Unreviewed · CVE-2023-23369 was published Nov 3, 2023
An OS command injection vulnerability has been reported to affect several QNAP operating system...
Critical · Unreviewed · CVE-2023-23368 was published Nov 3, 2023
An issue in franfinance before v.2.0.27 allows a remote attacker to execute arbitrary code via...
Critical · Unreviewed · CVE-2023-43139 was published Oct 31, 2023
tinyfiledialogs (aka tiny file dialogs) before 3.15.0 allows shell metacharacters (such as a...
Critical · Unreviewed · CVE-2023-47104 was published Oct 30, 2023
An issue in ZIONCOM (Hong Kong) Technology Limited A7000R v.4.1cu.4154 allows an attacker to...
Critical · Unreviewed · CVE-2023-46510 was published Oct 27, 2023
Hardcoded manufacturer credentials and an OS command injection vulnerability in the /cgi-bin/mft/...
Critical · Unreviewed · CVE-2018-17558 was published Oct 27, 2023
An issue was discovered on certain ABUS TVIP cameras. The CGI scripts allow remote attackers to...
Critical · Unreviewed · CVE-2018-17879 was published Oct 27, 2023
NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote...
Critical · Unreviewed · CVE-2023-43208 was published Oct 26, 2023
An OS command injection vulnerability exists in the httpd iperfrun.cgi functionality of...
Critical · Unreviewed · CVE-2023-3991 was published Oct 16, 2023
An OS command injection vulnerability exists in web2py 2.24.1 and earlier. When the product is...
Critical · Unreviewed · CVE-2023-45158 was published Oct 16, 2023
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the...
Critical · Unreviewed · CVE-2023-45467 was published Oct 13, 2023
An improper neutralization of special elements used in an OS command ('OS command injection') in...
Critical · Unreviewed · CVE-2023-36550 was published Oct 10, 2023
An improper neutralization of special elements used in an OS command ('OS command injection') in...
Critical · Unreviewed · CVE-2023-34992 was published Oct 10, 2023
An improper neutralization of special elements used in an OS command ('OS command injection') in...
Critical · Unreviewed · CVE-2023-36547 was published Oct 10, 2023
An improper neutralization of special elements used in an OS command ('OS command injection') in...
Critical · Unreviewed · CVE-2023-36549 was published Oct 10, 2023
ProTip! Advisories are also available from the GraphQL API.