Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+

287 advisories

Loading
A vulnerability, which was classified as critical, has been found in D-Link DI-8100 16.07. This... Moderate Unreviewed
CVE-2024-7436 was published Aug 3, 2024
A vulnerability was found in TOTOLINK LR1200 9.3.1cu.2832 and classified as critical. Affected by... Moderate Unreviewed
CVE-2024-7215 was published Jul 30, 2024
A vulnerability has been found in TOTOLINK LR350 9.3.5u.6369_B20220309 and classified as critical... Moderate Unreviewed
CVE-2024-7214 was published Jul 30, 2024
A vulnerability classified as critical was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. This... Moderate Unreviewed
CVE-2024-7181 was published Jul 29, 2024
A vulnerability was found in TOTOLINK A3100R 4.1.2cu.5050_B20200504. It has been declared as... Moderate Unreviewed
CVE-2024-7158 was published Jul 28, 2024
A vulnerability classified as critical has been found in TOTOLINK A3700R 9.1.2u.5822_B20200513.... Moderate Unreviewed
CVE-2024-7160 was published Jul 28, 2024
An authenticated command injection vulnerability exists in the HPE Aruba Networking EdgeConnect... Moderate Unreviewed
CVE-2024-41136 was published Jul 24, 2024
In streampark, the project module integrates Maven's compilation capabilities. The input... Moderate Unreviewed
CVE-2024-29737 was published Jul 17, 2024
In streampark, the project module integrates Maven's compilation capabilities. The input... Moderate Unreviewed
CVE-2023-52291 was published Jul 17, 2024
H3C Magic R230 V100R002's udpserver opens port 9034, allowing attackers to execute arbitrary... Moderate Unreviewed
CVE-2024-38903 was published Jun 24, 2024
WAVLINK WN551K1 found a command injection vulnerability through the start_hour parameter of /cgi... Moderate Unreviewed
CVE-2024-38896 was published Jun 24, 2024
WAVLINK WN551K1 found a command injection vulnerability through the IP parameter of /cgi-bin... Moderate Unreviewed
CVE-2024-38894 was published Jun 24, 2024
A vulnerability has been found in Ruijie RG-UAC 1.0 and classified as critical. This... Moderate Unreviewed
CVE-2024-6269 was published Jun 23, 2024
A vulnerability classified as critical has been found in Arris VAP2500 08.50. This affects an... Moderate Unreviewed
CVE-2024-5196 was published May 22, 2024
A vulnerability was found in Arris VAP2500 08.50. It has been rated as critical. Affected by this... Moderate Unreviewed
CVE-2024-5195 was published May 22, 2024
A vulnerability was found in Arris VAP2500 08.50. It has been declared as critical. Affected by... Moderate Unreviewed
CVE-2024-5194 was published May 22, 2024
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain a command injection... Moderate Unreviewed
CVE-2024-32354 was published May 14, 2024
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an authenticated remote command... Moderate Unreviewed
CVE-2024-32349 was published May 14, 2024
An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows... Moderate Unreviewed
CVE-2024-4712 was published May 14, 2024
TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection... Moderate Unreviewed
CVE-2024-34206 was published May 14, 2024
1Panel arbitrary file write vulnerability Moderate
CVE-2024-34352 was published for github.com/1Panel-dev/1Panel (Go) May 9, 2024
an5er
D-LINK DIR-845L <=v1.01KRb03 is vulnerable to Information disclosurey via bsc_sms_inbox.php. Moderate Unreviewed
CVE-2024-33113 was published May 6, 2024
TRENDnet TEW-815DAP 1.0.2.0 is vulnerable to Command Injection via the do_setNTP function. An... Moderate Unreviewed
CVE-2024-22546 was published Apr 30, 2024
dcnnt-py is vulnerable to command injection via Notification Handler Moderate
CVE-2023-1000 was published for dcnnt (pip) Apr 27, 2024
CSV Injection vulnerability in the Asus RT-N12+ router allows administrator users to inject... Moderate Unreviewed
CVE-2024-28328 was published Apr 26, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database