GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,097
Erlang
29
GitHub Actions
19
Go
1,925
Maven
5,000+
npm
3,657
NuGet
638
pip
3,264
Pub
10
RubyGems
873
Rust
823
Swift
35
Unreviewed advisories
All unreviewed
5,000+
917 advisories
Filter by severity
The Linear eMerge e3-Series through version 1.00-07 is vulnerable to an OS command injection...
Critical
Unreviewed
CVE-2024-9441
was published
Oct 2, 2024
The device enables an unauthorized attacker to execute system commands with elevated privileges....
Critical
Unreviewed
CVE-2024-9166
was published
Sep 26, 2024
Chaosblade vulnerable to OS command execution
Critical
CVE-2023-47105
was published
for
github.com/chaosblade-io/chaosblade
(Go)
Sep 18, 2024
AutoGPT bypass of the shell commands denylist settings
Critical
CVE-2024-6091
was published
for
agpt
(pip)
Sep 11, 2024
**UNSUPPORTED WHEN ASSIGNED** A command injection vulnerability in the export-cgi program of...
Critical
Unreviewed
CVE-2024-6342
was published
Sep 10, 2024
Improper Input Validation vulnerability in Progress LoadMaster allows OS Command Injection.This...
Critical
Unreviewed
CVE-2024-7591
was published
Sep 5, 2024
The improper neutralization of special elements in the parameter "host" in the CGI program of...
Critical
Unreviewed
CVE-2024-7261
was published
Sep 3, 2024
Command injection vulnerability in Asus RT-N15U 3.0.0.4.376_3754 allows a remote attacker to...
Critical
Unreviewed
CVE-2024-42757
was published
Aug 15, 2024
Energy Management Controller with Cloud Services JH-RVB1 /JH-RV11 Ver.B0.1.9.1 and earlier allows...
Critical
Unreviewed
CVE-2024-23789
was published
Aug 14, 2024
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')...
Critical
Unreviewed
CVE-2024-6917
was published
Aug 12, 2024
The function "generate_app_certificates" in lib/app_certificates.js of FIWARE Keyrock <= 8.4 does...
Critical
Unreviewed
CVE-2024-42166
was published
Aug 12, 2024
The function "generate_app_certificates" in controllers/saml2/saml2.js of FIWARE Keyrock <= 8.4...
Critical
Unreviewed
CVE-2024-42167
was published
Aug 12, 2024
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability...
Critical
Unreviewed
CVE-2024-21878
was published
Aug 12, 2024
GL-iNet products AR750/AR750S/AR300M/AR300M16/MT300N-V2/B1300/MT1300/SFT1200/X750 v4.3.11, MT3000...
Critical
Unreviewed
CVE-2024-39228
was published
Aug 6, 2024
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly...
Critical
Unreviewed
CVE-2024-38889
was published
Aug 2, 2024
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly...
Critical
Unreviewed
CVE-2024-38887
was published
Aug 2, 2024
An issue in Horizon Business Services Inc. Caterease 16.0.1.1663 through 24.0.1.2405 and possibly...
Critical
Unreviewed
CVE-2024-38882
was published
Aug 2, 2024
The web services of Softnext's products, Mail SQR Expert and Mail Archiving Expert do not...
Critical
Unreviewed
CVE-2024-5670
was published
Jul 29, 2024
Tenda FH1201 v1.2.0.14 was discovered to contain a command injection vulnerability via the...
Critical
Unreviewed
CVE-2024-41468
was published
Jul 26, 2024
FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. allow a...
Critical
Unreviewed
CVE-2024-36491
was published
Jul 17, 2024
An issue was found on the Ruijie EG-2000 series gateway. There is a newcli.php API interface...
Critical
Unreviewed
CVE-2019-16639
was published
Jul 16, 2024
An high privileged remote attacker can enable telnet access that accepts hardcoded credentials.
Critical
Unreviewed
CVE-2024-28751
was published
Jul 9, 2024
rejetto HFS vulnerable to OS Command Execution by remote authenticated users
Critical
CVE-2024-39943
was published
for
hfs
(npm)
Jul 5, 2024
A command injection vulnerability exists in the mudler/localai version 2.14.0. The vulnerability...
Critical
Unreviewed
CVE-2024-5181
was published
Jun 26, 2024
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability...
Critical
Unreviewed
CVE-2024-37091
was published
Jun 24, 2024
ProTip!
Advisories are also available from the
GraphQL API