GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,134
Erlang
29
GitHub Actions
19
Go
1,941
Maven
5,000+
npm
3,679
NuGet
648
pip
3,297
Pub
11
RubyGems
877
Rust
830
Swift
35
Unreviewed advisories
All unreviewed
5,000+
3,152 advisories
Filter by severity
DrayTek Vigor3900 v1.5.1.6 was discovered to contain an authenticated command injection...
High
Unreviewed
CVE-2024-44845
was published
Sep 6, 2024
DrayTek Vigor3900 v1.5.1.6 was discovered to contain an authenticated command injection...
High
Unreviewed
CVE-2024-44844
was published
Sep 6, 2024
An OS command injection vulnerability has been reported to affect legacy QTS. If exploited, the...
High
Unreviewed
CVE-2023-39300
was published
Sep 6, 2024
An OS command injection vulnerability has been reported to affect several QNAP operating system...
High
Unreviewed
CVE-2024-21898
was published
Sep 6, 2024
An OS command injection vulnerability has been reported to affect several QNAP operating system...
Moderate
Unreviewed
CVE-2024-21906
was published
Sep 6, 2024
An OS command injection vulnerability has been reported to affect several QNAP operating system...
Moderate
Unreviewed
CVE-2023-34979
was published
Sep 6, 2024
An OS command injection vulnerability has been reported to affect several QNAP operating system...
High
Unreviewed
CVE-2023-34974
was published
Sep 6, 2024
Improper Input Validation vulnerability in Progress LoadMaster allows OS Command Injection.This...
Critical
Unreviewed
CVE-2024-7591
was published
Sep 5, 2024
A vulnerability in specific CLI commands in Cisco Identity Services Engine (ISE) could allow an...
Moderate
Unreviewed
CVE-2024-20469
was published
Sep 4, 2024
Nuclei Template Signature Verification Bypass
Moderate
CVE-2024-43405
was published
for
github.com/projectdiscovery/nuclei/v3
(Go)
Sep 4, 2024
A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from...
High
Unreviewed
CVE-2024-42060
was published
Sep 3, 2024
A command injection vulnerability in the IPSec VPN feature of Zyxel ATP series firmware versions...
High
Unreviewed
CVE-2024-42057
was published
Sep 3, 2024
A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from...
High
Unreviewed
CVE-2024-7203
was published
Sep 3, 2024
The improper neutralization of special elements in the parameter "host" in the CGI program of...
Critical
Unreviewed
CVE-2024-7261
was published
Sep 3, 2024
A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from...
High
Unreviewed
CVE-2024-42059
was published
Sep 3, 2024
** UNSUPPORTED WHEN ASSIGNED ** A command injection vulnerability in the functions formSysCmd(),...
High
Unreviewed
CVE-2024-8234
was published
Aug 30, 2024
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, low-privileged,...
Moderate
Unreviewed
CVE-2024-20289
was published
Aug 28, 2024
A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW,...
Moderate
Unreviewed
CVE-2024-8211
was published
Aug 27, 2024
A vulnerability classified as critical has been found in D-Link DNS-120, DNR-202L, DNS-315L, DNS...
Moderate
Unreviewed
CVE-2024-8213
was published
Aug 27, 2024
A vulnerability was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320, DNS-320L, DNS-320LW,...
Moderate
Unreviewed
CVE-2024-8210
was published
Aug 27, 2024
A vulnerability classified as critical was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320,...
Moderate
Unreviewed
CVE-2024-8214
was published
Aug 27, 2024
D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution (RCE)...
High
Unreviewed
CVE-2024-44340
was published
Aug 27, 2024
D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution (RCE)...
High
Unreviewed
CVE-2024-44342
was published
Aug 27, 2024
D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution (RCE)...
High
Unreviewed
CVE-2024-41622
was published
Aug 27, 2024
D-Link DIR-846W A1 FW100A43 was discovered to contain a remote command execution (RCE)...
High
Unreviewed
CVE-2024-44341
was published
Aug 27, 2024
ProTip!
Advisories are also available from the
GraphQL API