GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
3,389 advisories
A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command...
Critical, Unreviewed, CVE-2024-50374 was published Nov 26, 2024

A CWE-798 "Use of Hard-coded Credentials" was discovered affecting the following devices...
Moderate, Unreviewed, CVE-2024-50377 was published Nov 26, 2024

A CWE-306 "Missing Authentication for Critical Function" was discovered affecting the following...
Critical, Unreviewed, CVE-2024-50375 was published Nov 26, 2024

A CWE-79 "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"...
High, Unreviewed, CVE-2024-50376 was published Nov 26, 2024

A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command...
High, Unreviewed, CVE-2024-50359 was published Nov 26, 2024

A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command...
High, Unreviewed, CVE-2024-50361 was published Nov 26, 2024

A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command...
High, Unreviewed, CVE-2024-50360 was published Nov 26, 2024

virtualenv allows command injection through activation scripts for a virtual environment
High, CVE-2024-53899 was published for virtualenv (pip) Nov 24, 2024

Visteon Infotainment REFLASH_DDU_FindFile Command Injection Remote Code Execution Vulnerability....
Moderate, Unreviewed, CVE-2024-8359 was published Nov 23, 2024

Visteon Infotainment UPDATES_ExtractFile Command Injection Remote Code Execution Vulnerability....
Moderate, Unreviewed, CVE-2024-8358 was published Nov 23, 2024

An OS Command Injection vulnerability exists within myPRO Manager. A parameter within a command...
Critical, Unreviewed, CVE-2024-52034 was published Nov 23, 2024

A parameter within a command does not properly validate input within myPRO Manager which could be...
Critical, Unreviewed, CVE-2024-47407 was published Nov 23, 2024

Visteon Infotainment REFLASH_DDU_ExtractFile Command Injection Remote Code Execution...
Moderate, Unreviewed, CVE-2024-8360 was published Nov 23, 2024

Cohesive Networks VNS3 Command Injection Remote Code Execution Vulnerability. This vulnerability...
High, Unreviewed, CVE-2024-8809 was published Nov 22, 2024

Cohesive Networks VNS3 Command Injection Remote Code Execution Vulnerability. This vulnerability...
High, Unreviewed, CVE-2024-8808 was published Nov 22, 2024

Cohesive Networks VNS3 Command Injection Remote Code Execution Vulnerability. This vulnerability...
Critical, Unreviewed, CVE-2024-8806 was published Nov 22, 2024

Cohesive Networks VNS3 Command Injection Remote Code Execution Vulnerability. This vulnerability...
Critical, Unreviewed, CVE-2024-8807 was published Nov 22, 2024

Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability. This...
High, Unreviewed, CVE-2024-5719 was published Nov 22, 2024

Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability. This...
High, Unreviewed, CVE-2024-5717 was published Nov 22, 2024

Logsign Unified SecOps Platform Command Injection Remote Code Execution Vulnerability. This...
High, Unreviewed, CVE-2024-5720 was published Nov 22, 2024

Wyze Cam v3 Wi-Fi SSID OS Command Injection Remote Code Execution Vulnerability. This...
Moderate, Unreviewed, CVE-2024-6247 was published Nov 22, 2024

In TOTOLINK X6000R V9.4.0cu.1041_B20240224 in the shttpd file, the Uci_Set Str function is used...
Critical, Unreviewed, CVE-2024-52723 was published Nov 22, 2024

D-Link DI-8200 16.07.26A1 is vulnerable to remote command execution in the msp_info_htm function...
Critical, Unreviewed, CVE-2024-51151 was published Nov 22, 2024

OS command injection vulnerability exists in AIPHONE IX SYSTEM and IXG SYSTEM. A network-adjacent...
High, Unreviewed, CVE-2024-31408 was published Nov 22, 2024

LLama Factory Remote OS Command Injection Vulnerability
High, CVE-2024-52803 was published for llamafactory (pip) Nov 21, 2024

ProTip! Advisories are also available from the GraphQL API.