Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,239
Erlang
31
GitHub Actions
21
Go
2,007
Maven
5,000+
npm
3,716
NuGet
662
pip
3,388
Pub
11
RubyGems
885
Rust
851
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

258 advisories

Loading
A vulnerability was found in DedeCMS up to 5.7.115. It has been rated as critical. This issue... Moderate Unreviewed
CVE-2024-9076 was published Sep 22, 2024
An issue in alist-tvbox v1.7.1 allows a remote attacker to execute arbitrary code via the /atv... Moderate Unreviewed
CVE-2024-48747 was published Nov 26, 2024
Arbitrary commands execution on the server by exploiting a command injection vulnerability in the... Moderate Unreviewed
CVE-2024-11320 was published Nov 26, 2024
TOTOLINK EX200 v4.0.3c.7646_B20201211 was found to contain a command insertion vulnerability in... Moderate Unreviewed
CVE-2024-53333 was published Nov 26, 2024
Ruijie NBR800G gateway NBR_RGOS_11.1(6)B4P9 is vulnerable to command execution in /itbox_pi... Moderate Unreviewed
CVE-2024-51027 was published Nov 14, 2024
Vulnerability in the Oracle Outside In Technology product of Oracle Fusion Middleware (component:... Moderate Unreviewed
CVE-2024-21117 was published Apr 17, 2024
A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been classified as critical.... Moderate Unreviewed
CVE-2024-11046 was published Nov 10, 2024
A vulnerability, which was classified as critical, has been found in TOTOLINK X18 9.1.0cu... Moderate Unreviewed
CVE-2024-10966 was published Nov 7, 2024
Splinefont in FontForge through 20230101 allows command injection via crafted archives or... Moderate Unreviewed
CVE-2024-25082 was published Feb 26, 2024
A vulnerability has been found in Tenda AC6 15.03.05.19 and classified as critical. Affected by... Moderate Unreviewed
CVE-2024-10697 was published Nov 2, 2024
A vulnerability classified as critical was found in Tenda AC1206 up to 15.03.06.23. This... Moderate Unreviewed
CVE-2024-9793 was published Oct 10, 2024
A vulnerability was found in didi Super-Jacoco 1.0. It has been declared as critical. This... Moderate Unreviewed
CVE-2024-10435 was published Oct 28, 2024
A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028 and classified... Moderate Unreviewed
CVE-2024-10193 was published Oct 20, 2024
In linkturbonative service, there is a possible command injection due to improper input... Moderate Unreviewed
CVE-2024-39438 was published Oct 9, 2024
In linkturbonative service, there is a possible command injection due to improper input... Moderate Unreviewed
CVE-2024-39436 was published Oct 9, 2024
In linkturbonative service, there is a possible command injection due to improper input... Moderate Unreviewed
CVE-2024-39437 was published Oct 9, 2024
A Command Injection vulnerability in Juniper Networks Junos Space allows an unauthenticated,... Moderate Unreviewed
CVE-2024-39563 was published Oct 11, 2024
Mware NSX contains a command injection vulnerability.  A malicious actor with access to the NSX... Moderate Unreviewed
CVE-2024-38817 was published Oct 9, 2024
The Xiaomi router AX9000 has a post-authentication command injection vulnerability. This... Moderate Unreviewed
CVE-2023-26315 was published Aug 26, 2024
A vulnerability in the restricted shell of Cisco Expressway Series could allow an authenticated,... Moderate Unreviewed
CVE-2024-20492 was published Oct 2, 2024
A vulnerability in the Redfish API of Cisco UCS B-Series, Cisco UCS Managed C-Series, and Cisco... Moderate Unreviewed
CVE-2024-20365 was published Oct 2, 2024
PCAN-Ethernet Gateway FD before 1.3.0 and PCAN-Ethernet Gateway before 2.11.0 are vulnerable to... Moderate Unreviewed
CVE-2024-44610 was published Oct 1, 2024
Monica AI Assistant desktop application v2.3.0 is vulnerable to Exposure of Sensitive Information... Moderate Unreviewed
CVE-2024-45989 was published Sep 26, 2024
An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows... Moderate Unreviewed
CVE-2024-8405 was published Sep 26, 2024
An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows... Moderate Unreviewed
CVE-2024-4712 was published May 14, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database