Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+

917 advisories

Loading
A command injection vulnerability in the “show_zysync_server_contents” function of the Zyxel... Critical Unreviewed
CVE-2023-35138 was published Nov 30, 2023
A command injection vulnerability in the web server of the Zyxel NAS326 firmware version V5.21... Critical Unreviewed
CVE-2023-4473 was published Nov 30, 2023
Zumtobel Netlink CCD Onboard 3.74 - Firmware 3.80 was discovered to contain a command injection... Critical Unreviewed
CVE-2023-23325 was published Nov 29, 2023
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... Critical Unreviewed
CVE-2023-6201 was published Nov 28, 2023
Command injection in `/main/webservices/additional_webservices.php` in Chamilo LMS <= v1.11.20... Critical Unreviewed
CVE-2023-3368 was published Nov 28, 2023
A vulnerability in the web-based management allows an unauthenticated remote attacker to inject... Critical Unreviewed
CVE-2023-4149 was published Nov 21, 2023
Versions of INEA ME RTU firmware 3.36b and prior are vulnerable to operating system (OS) command... Critical Unreviewed
CVE-2023-35762 was published Nov 20, 2023
Remote Code Execution due to Full Controled File Write in mlflow Critical
CVE-2023-6018 was published for mlflow (pip) Nov 16, 2023
marco27183 mberges21
Ray OS Command Injection vulnerability Critical
CVE-2023-6019 was published for ray (pip) Nov 16, 2023
A improper neutralization of special elements used in an os command ('os command injection') in... Critical Unreviewed
CVE-2023-36553 was published Nov 14, 2023
An OS command injection vulnerability has been reported to affect several QNAP operating system... Critical Unreviewed
CVE-2023-23369 was published Nov 3, 2023
An OS command injection vulnerability has been reported to affect several QNAP operating system... Critical Unreviewed
CVE-2023-23368 was published Nov 3, 2023
An issue in franfinance before v.2.0.27 allows a remote attacker to execute arbitrary code via... Critical Unreviewed
CVE-2023-43139 was published Oct 31, 2023
tinyfiledialogs (aka tiny file dialogs) before 3.15.0 allows shell metacharacters (such as a... Critical Unreviewed
CVE-2023-47104 was published Oct 30, 2023
An issue in ZIONCOM (Hong Kong) Technology Limited A7000R v.4.1cu.4154 allows an attacker to... Critical Unreviewed
CVE-2023-46510 was published Oct 27, 2023
Hardcoded manufacturer credentials and an OS command injection vulnerability in the /cgi-bin/mft/... Critical Unreviewed
CVE-2018-17558 was published Oct 27, 2023
An issue was discovered on certain ABUS TVIP cameras. The CGI scripts allow remote attackers to... Critical Unreviewed
CVE-2018-17879 was published Oct 27, 2023
NextGen Healthcare Mirth Connect before version 4.4.1 is vulnerable to unauthenticated remote... Critical Unreviewed
CVE-2023-43208 was published Oct 26, 2023
An OS command injection vulnerability exists in the httpd iperfrun.cgi functionality of... Critical Unreviewed
CVE-2023-3991 was published Oct 16, 2023
An OS command injection vulnerability exists in web2py 2.24.1 and earlier. When the product is... Critical Unreviewed
CVE-2023-45158 was published Oct 16, 2023
Netis N3Mv2-V1.0.1.865 was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2023-45467 was published Oct 13, 2023
A improper neutralization of special elements used in an os command ('os command injection') in... Critical Unreviewed
CVE-2023-36550 was published Oct 10, 2023
A improper neutralization of special elements used in an os command ('os command injection') in... Critical Unreviewed
CVE-2023-34992 was published Oct 10, 2023
A improper neutralization of special elements used in an os command ('os command injection') in... Critical Unreviewed
CVE-2023-36547 was published Oct 10, 2023
A improper neutralization of special elements used in an os command ('os command injection') in... Critical Unreviewed
CVE-2023-36549 was published Oct 10, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database