Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,013 advisories

Loading
The `add_llm` function in `llm_app.py` in infiniflow/ragflow version 0.11.0 contains a remote... Critical Unreviewed
CVE-2024-10131 was published Oct 19, 2024
Netgear EX6120 v1.0.0.68, Netgear EX6100 v1.0.2.28, and Netgear EX3700 v1.0.0.96 are vulnerable... High Unreviewed
CVE-2024-35519 was published Oct 15, 2024
Netgear EX6120 v1.0.0.68 is vulnerable to Command Injection in genie_fix2.cgi via the... High Unreviewed
CVE-2024-35518 was published Oct 15, 2024
Netgear R7000 1.0.11.136 is vulnerable to Command Injection in RMT_invite.cgi via device_name2... High Unreviewed
CVE-2024-35520 was published Oct 15, 2024
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and... Critical Unreviewed
CVE-2024-48153 was published Oct 14, 2024
Netgear EX3700 ' AC750 WiFi Range Extender Essentials Edition before 1.0.0.98 contains an... High Unreviewed
CVE-2024-35522 was published Oct 12, 2024
Netgear XR1000 v1.0.0.64 is vulnerable to command injection in usb_remote_smb_conf.cgi via the... High Unreviewed
CVE-2024-35517 was published Oct 12, 2024
A vulnerability was discovered in DI_8200-16.07.26A1, which has been classified as critical. This... High Unreviewed
CVE-2024-44413 was published Oct 11, 2024
A Command Injection vulnerability in Juniper Networks Junos Space allows an unauthenticated,... Moderate Unreviewed
CVE-2024-39563 was published Oct 11, 2024
A vulnerability classified as critical was found in Tenda AC1206 up to 15.03.06.23. This... Moderate Unreviewed
CVE-2024-9793 was published Oct 10, 2024
Mware NSX contains a command injection vulnerability.  A malicious actor with access to the NSX... Moderate Unreviewed
CVE-2024-38817 was published Oct 9, 2024
In Progress Telerik Reporting versions prior to 2024 Q3 (2024.3.924), a command injection attack... High Unreviewed
CVE-2024-7840 was published Oct 9, 2024
In linkturbonative service, there is a possible command injection due to improper input... Moderate Unreviewed
CVE-2024-39438 was published Oct 9, 2024
In linkturbonative service, there is a possible command injection due to improper input... Moderate Unreviewed
CVE-2024-39436 was published Oct 9, 2024
In linkturbonative service, there is a possible command injection due to improper input... Moderate Unreviewed
CVE-2024-39437 was published Oct 9, 2024
Visual Studio Code for Linux Remote Code Execution Vulnerability High Unreviewed
CVE-2024-43601 was published Oct 8, 2024
Azure Command Line Integration (CLI) Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-43591 was published Oct 8, 2024
An OS command injection vulnerability in the admin web console of Ivanti CSA before version 5.0.2... High Unreviewed
CVE-2024-9380 was published Oct 8, 2024
A vulnerability has been identified in Siemens SINEC Security Monitor (All versions < V4.9.0).... Critical Unreviewed
CVE-2024-47562 was published Oct 8, 2024
A vulnerability in the restricted shell of Cisco Expressway Series could allow an authenticated,... Moderate Unreviewed
CVE-2024-20492 was published Oct 2, 2024
A vulnerability in the Redfish API of Cisco UCS B-Series, Cisco UCS Managed C-Series, and Cisco... Moderate Unreviewed
CVE-2024-20365 was published Oct 2, 2024
A vulnerability in the REST API and web UI of Cisco Nexus Dashboard Fabric Controller (NDFC)... Critical Unreviewed
CVE-2024-20432 was published Oct 2, 2024
Scriptcase 9.10.023 and before is vulnerable to Remote Code Execution (RCE) via the nm_unzip... High Unreviewed
CVE-2024-46084 was published Oct 1, 2024
PCAN-Ethernet Gateway FD before 1.3.0 and PCAN-Ethernet Gateway before 2.11.0 are vulnerable to... Moderate Unreviewed
CVE-2024-44610 was published Oct 1, 2024
Wiz Code Visual Studio Code extension in versions 1.0.0 up to 1.5.3 and Wiz (legacy) Visual... High Unreviewed
CVE-2024-9145 was published Oct 1, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database