GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,673
Composer 4,237
Erlang 31
GitHub Actions 20
Go 1,996
Maven 5,182
npm 3,710
NuGet 661
pip 3,361
Pub 11
RubyGems 885
Rust 846
Swift 36

Unreviewed advisories

All unreviewed 235,060

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

3,248 advisories

Filter by severity

Sort by

Least recently updated

DrayTek Vigor3900 1.5.1.3 contains a post-authentication command injection vulnerability. This... High Unreviewed

CVE-2024-45893 was published Nov 4, 2024

DrayTek Vigor3900 1.5.1.3 contains a post-authentication command injection vulnerability. This... High Unreviewed

CVE-2024-45891 was published Nov 4, 2024

DrayTek Vigor3900 1.5.1.3 contains a post-authentication command injection vulnerability. This... High Unreviewed

CVE-2024-45885 was published Nov 4, 2024

DrayTek Vigor3900 1.5.1.3 contains a command injection vulnerability. This vulnerability occurs... High Unreviewed

CVE-2024-45882 was published Nov 4, 2024

DrayTek Vigor3900 1.5.1.3 contains a post-authentication command injection vulnerability. This... High Unreviewed

CVE-2024-45887 was published Nov 4, 2024

DrayTek Vigor3900 1.5.1.3 contains a command injection vulnerability. This vulnerability occurs... High Unreviewed

CVE-2024-45888 was published Nov 4, 2024

In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and... High Unreviewed

CVE-2024-51246 was published Nov 4, 2024

In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and... High Unreviewed

CVE-2024-51253 was published Nov 4, 2024

DrayTek Vigor3900 1.5.1.3 contains a post-authentication command injection vulnerability. This... High Unreviewed

CVE-2024-45889 was published Nov 4, 2024

In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and... High Unreviewed

CVE-2024-51249 was published Nov 4, 2024

DrayTek Vigor3900 1.5.1.3 contains a post-authentication command injection vulnerability. This... High Unreviewed

CVE-2024-45884 was published Nov 4, 2024

In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and... High Unreviewed

CVE-2024-51251 was published Nov 4, 2024

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... Critical Unreviewed

CVE-2024-51661 was published Nov 4, 2024

In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and... High Unreviewed

CVE-2024-51252 was published Nov 1, 2024

In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and... High Unreviewed

CVE-2024-51244 was published Nov 1, 2024

In DrayTek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and... High Unreviewed

CVE-2024-51245 was published Nov 1, 2024

In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and... High Unreviewed

CVE-2024-51247 was published Nov 1, 2024

In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and... High Unreviewed

CVE-2024-51248 was published Nov 1, 2024

IDExpert from CHANGING Information Technology does not properly validate a specific parameter in... Critical Unreviewed

CVE-2024-10653 was published Nov 1, 2024

Plenti arbitrary file write vulnerability High

CVE-2024-49380 was published for github.com/plentico/plenti (Go) Oct 31, 2024

A local user with administrative access rights can enter specialy crafted values for settings at... Moderate Unreviewed

CVE-2024-8934 was published Oct 31, 2024

EnGenius EnStation5-AC A8J-ENS500AC 1.0.0 devices allow blind OS command injection via shell... High Unreviewed

CVE-2024-36060 was published Oct 30, 2024

CyberPanel (aka Cyber Panel) before 2.3.5 allows Command Injection via completePath in the... Critical Unreviewed

CVE-2024-51568 was published Oct 30, 2024

Tenda AC7 v.15.03.06.44 ate_ifconfig_set has pre-authentication command injection allowing remote... High Unreviewed

CVE-2024-48825 was published Oct 28, 2024

Tenda AC7 v.15.03.06.44 ate_iwpriv_set has pre-authentication command injection allowing remote... High Unreviewed

CVE-2024-48826 was published Oct 28, 2024

Previous 1 2 3 4 5 … 129 130 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,248 advisories