Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,020 advisories

Loading
HGW BL1500HM Ver 002.001.013 and earlier allows a network-adjacent unauthenticated attacker to... High Unreviewed
CVE-2024-28041 was published Mar 25, 2024
Insecure default configurations in Hikvision Interactive Tablet DS-D5B86RB/B V2.3.0 build220119,... High Unreviewed
CVE-2023-33806 was published Apr 16, 2024
On Mitel 6869i 4.5.0.41 devices, the Manual Firmware Update (upgrade.html) page does not perform... High Unreviewed
CVE-2024-37570 was published Jun 9, 2024
Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote... High Unreviewed
CVE-2024-36073 was published Jun 27, 2024
StoneFly Storage Concentrator (SC and SCVM) before 8.0.4.26 allows remote authenticated users to... High Unreviewed
CVE-2024-30213 was published Jul 13, 2024
AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX9 V22.03.01.46 and AX3000 Dual-Band Gigabit Wi-Fi 6... High Unreviewed
CVE-2024-39963 was published Jul 19, 2024
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability... High Unreviewed
CVE-2024-41320 was published Jul 22, 2024
A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V5... High Unreviewed
CVE-2024-31485 was published May 14, 2024
CasaOS Command Injection vulnerability High
CVE-2023-37469 was published for github.com/IceWhaleTech/CasaOS (Go) Aug 5, 2024
A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. It has been classified as... High Unreviewed
CVE-2024-7177 was published Jul 29, 2024
A vulnerability, which was classified as critical, was found in TOTOLINK A3600R 4.1.2cu... High Unreviewed
CVE-2024-7174 was published Jul 29, 2024
In Ruckus R310 10.5.1.0.199, Ruckus R500 10.5.1.0.199, Ruckus R600 10.5.1.0.199, Ruckus T300 10.5... High Unreviewed
CVE-2020-22662 was published Jan 20, 2023
A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 HF1).... High Unreviewed
CVE-2024-39568 was published Jul 9, 2024
A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 HF1).... High Unreviewed
CVE-2024-39569 was published Jul 9, 2024
A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 HF1).... High Unreviewed
CVE-2024-39567 was published Jul 9, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 HF1).... High Unreviewed
CVE-2024-39570 was published Jul 9, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 HF1).... High Unreviewed
CVE-2024-39571 was published Jul 9, 2024
Firmware in KAON AR2140 routers prior to version 4.2.16 is vulnerable to a shell command... High Unreviewed
CVE-2024-3659 was published Aug 8, 2024
In Splunk Enterprise versions below 9.2.1, 9.1.4, and 9.0.9, the Dashboard Examples Hub in the... High Unreviewed
CVE-2024-29946 was published Mar 27, 2024
A command injection vulnerability could allow an authenticated user to execute operating system... High Unreviewed
CVE-2022-4002 was published Jul 31, 2024
A command injection vulnerability exists in /goform/exeCommand in Tenda AC18 v15.03.05.05, which... High Unreviewed
CVE-2024-30891 was published Apr 5, 2024
Stormshield Network Security (SNS) before 4.2.2 allows a read-only administrator to gain... High Unreviewed
CVE-2021-28962 was published Feb 1, 2022
A command injection issue in Palo Alto Networks Cortex XSOAR CommonScripts Pack allows an... High Unreviewed
CVE-2024-5914 was published Aug 14, 2024
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability... High Unreviewed
CVE-2024-21879 was published Aug 12, 2024
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability... High Unreviewed
CVE-2024-21880 was published Aug 12, 2024
ProTip! Advisories are also available from the GraphQL API