GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
282 advisories
Filter by severity
A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been classified as critical....
Moderate
Unreviewed
CVE-2024-11046
was published
Nov 10, 2024
A vulnerability, which was classified as critical, has been found in TOTOLINK X18 9.1.0cu...
Moderate
Unreviewed
CVE-2024-10966
was published
Nov 7, 2024
Splinefont in FontForge through 20230101 allows command injection via crafted archives or...
Moderate
Unreviewed
CVE-2024-25082
was published
Feb 26, 2024
A vulnerability has been found in Tenda AC6 15.03.05.19 and classified as critical. Affected by...
Moderate
Unreviewed
CVE-2024-10697
was published
Nov 2, 2024
A vulnerability classified as critical was found in Tenda AC1206 up to 15.03.06.23. This...
Moderate
Unreviewed
CVE-2024-9793
was published
Oct 10, 2024
A vulnerability was found in didi Super-Jacoco 1.0. It has been declared as critical. This...
Moderate
Unreviewed
CVE-2024-10435
was published
Oct 28, 2024
A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028 and classified...
Moderate
Unreviewed
CVE-2024-10193
was published
Oct 20, 2024
In linkturbonative service, there is a possible command injection due to improper input...
Moderate
Unreviewed
CVE-2024-39436
was published
Oct 9, 2024
In linkturbonative service, there is a possible command injection due to improper input...
Moderate
Unreviewed
CVE-2024-39437
was published
Oct 9, 2024
In linkturbonative service, there is a possible command injection due to improper input...
Moderate
Unreviewed
CVE-2024-39438
was published
Oct 9, 2024
Command Injection in pip when used with Mercurial
Moderate
CVE-2023-5752
was published
for
pip
(pip)
Oct 25, 2023
A Command Injection vulnerability in Juniper Networks Junos Space allows an unauthenticated,...
Moderate
Unreviewed
CVE-2024-39563
was published
Oct 11, 2024
Mware NSX contains a command injection vulnerability.
A malicious actor with access to the NSX...
Moderate
Unreviewed
CVE-2024-38817
was published
Oct 9, 2024
The Xiaomi router AX9000 has a post-authentication command injection vulnerability. This...
Moderate
Unreviewed
CVE-2023-26315
was published
Aug 26, 2024
A vulnerability in the restricted shell of Cisco Expressway Series could allow an authenticated,...
Moderate
Unreviewed
CVE-2024-20492
was published
Oct 2, 2024
A vulnerability in the Redfish API of Cisco UCS B-Series, Cisco UCS Managed C-Series, and Cisco...
Moderate
Unreviewed
CVE-2024-20365
was published
Oct 2, 2024
PCAN-Ethernet Gateway FD before 1.3.0 and PCAN-Ethernet Gateway before 2.11.0 are vulnerable to...
Moderate
Unreviewed
CVE-2024-44610
was published
Oct 1, 2024
Monica AI Assistant desktop application v2.3.0 is vulnerable to Exposure of Sensitive Information...
Moderate
Unreviewed
CVE-2024-45989
was published
Sep 26, 2024
An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows...
Moderate
Unreviewed
CVE-2024-8405
was published
Sep 26, 2024
An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows...
Moderate
Unreviewed
CVE-2024-4712
was published
May 14, 2024
Xiaomi Router AX9000 has a post-authorization command injection vulnerability. This vulnerability...
Moderate
Unreviewed
CVE-2024-45348
was published
Sep 23, 2024
Brocade Fabric OS before Brocade Fabric OS v9.1.1c, v9.2.0 contains a vulnerability when using...
Moderate
Unreviewed
CVE-2023-31429
was published
Aug 1, 2023
An OS command injection vulnerability has been reported to affect several QNAP operating system...
Moderate
Unreviewed
CVE-2024-21903
was published
Sep 6, 2024
Post-authentication remote command injection vulnerabilities in Western Digital My Cloud OS 5...
Moderate
Unreviewed
CVE-2023-22815
was published
Jul 1, 2023
A vulnerability classified as critical was found in D-Link DNS-120, DNR-202L, DNS-315L, DNS-320,...
Moderate
Unreviewed
CVE-2024-8214
was published
Aug 27, 2024
ProTip!
Advisories are also available from the
GraphQL API