GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
1,020 advisories
Filter by severity
HGW BL1500HM Ver 002.001.013 and earlier allows a network-adjacent unauthenticated attacker to...
High
Unreviewed
CVE-2024-28041
was published
Mar 25, 2024
Insecure default configurations in Hikvision Interactive Tablet DS-D5B86RB/B V2.3.0 build220119,...
High
Unreviewed
CVE-2023-33806
was published
Apr 16, 2024
On Mitel 6869i 4.5.0.41 devices, the Manual Firmware Update (upgrade.html) page does not perform...
High
Unreviewed
CVE-2024-37570
was published
Jun 9, 2024
Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote...
High
Unreviewed
CVE-2024-36073
was published
Jun 27, 2024
StoneFly Storage Concentrator (SC and SCVM) before 8.0.4.26 allows remote authenticated users to...
High
Unreviewed
CVE-2024-30213
was published
Jul 13, 2024
AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX9 V22.03.01.46 and AX3000 Dual-Band Gigabit Wi-Fi 6...
High
Unreviewed
CVE-2024-39963
was published
Jul 19, 2024
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability...
High
Unreviewed
CVE-2024-41320
was published
Jul 22, 2024
A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V5...
High
Unreviewed
CVE-2024-31485
was published
May 14, 2024
CasaOS Command Injection vulnerability
High
CVE-2023-37469
was published
for
github.com/IceWhaleTech/CasaOS
(Go)
Aug 5, 2024
A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. It has been classified as...
High
Unreviewed
CVE-2024-7177
was published
Jul 29, 2024
A vulnerability, which was classified as critical, was found in TOTOLINK A3600R 4.1.2cu...
High
Unreviewed
CVE-2024-7174
was published
Jul 29, 2024
In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5...
High
Unreviewed
CVE-2020-22662
was published
Jan 20, 2023
A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 HF1)....
High
Unreviewed
CVE-2024-39568
was published
Jul 9, 2024
A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 HF1)....
High
Unreviewed
CVE-2024-39569
was published
Jul 9, 2024
A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 HF1)....
High
Unreviewed
CVE-2024-39567
was published
Jul 9, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 HF1)....
High
Unreviewed
CVE-2024-39570
was published
Jul 9, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 HF1)....
High
Unreviewed
CVE-2024-39571
was published
Jul 9, 2024
Firmware in KAON AR2140 routers prior to version 4.2.16 is vulnerable to a shell command...
High
Unreviewed
CVE-2024-3659
was published
Aug 8, 2024
In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the Dashboard Examples Hub in the...
High
Unreviewed
CVE-2024-29946
was published
Mar 27, 2024
A command injection vulnerability could allow an authenticated user to execute operating system...
High
Unreviewed
CVE-2022-4002
was published
Jul 31, 2024
A command injection vulnerability exists in /goform/exeCommand in Tenda AC18 v15.03.05.05, which...
High
Unreviewed
CVE-2024-30891
was published
Apr 5, 2024
Stormshield Network Security (SNS) before 4.2.2 allows a read-only administrator to gain...
High
Unreviewed
CVE-2021-28962
was published
Feb 1, 2022
A command injection issue in Palo Alto Networks Cortex XSOAR CommonScripts Pack allows an...
High
Unreviewed
CVE-2024-5914
was published
Aug 14, 2024
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability...
High
Unreviewed
CVE-2024-21879
was published
Aug 12, 2024
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability...
High
Unreviewed
CVE-2024-21880
was published
Aug 12, 2024
ProTip!
Advisories are also available from the
GraphQL API