GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,249
Erlang
31
GitHub Actions
21
Go
2,018
Maven
5,000+
npm
3,723
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
857
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
807 advisories
Filter by severity
IBM Security Verify Access Appliance 10.0.0 through 10.0.8 could allow a remote authenticated...
Critical
Unreviewed
CVE-2024-49803
was published
Nov 29, 2024
A vulnerability in ESM 11.6.10 allows unauthenticated access to the internal Snowservice API and...
Critical
Unreviewed
CVE-2024-11482
was published
Nov 29, 2024
A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command...
Critical
Unreviewed
CVE-2024-50370
was published
Nov 26, 2024
A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command...
Critical
Unreviewed
CVE-2024-50372
was published
Nov 26, 2024
A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command...
Critical
Unreviewed
CVE-2024-50373
was published
Nov 26, 2024
A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command...
Critical
Unreviewed
CVE-2024-50371
was published
Nov 26, 2024
A CWE-306 "Missing Authentication for Critical Function" was discovered affecting the following...
Critical
Unreviewed
CVE-2024-50375
was published
Nov 26, 2024
A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command...
Critical
Unreviewed
CVE-2024-50374
was published
Nov 26, 2024
A parameter within a command does not properly validate input within myPRO Manager which could be...
Critical
Unreviewed
CVE-2024-47407
was published
Nov 23, 2024
An OS Command Injection vulnerability exists within myPRO Manager. A parameter within a command...
Critical
Unreviewed
CVE-2024-52034
was published
Nov 23, 2024
Cohesive Networks VNS3 Command Injection Remote Code Execution Vulnerability. This vulnerability...
Critical
Unreviewed
CVE-2024-8807
was published
Nov 22, 2024
Cohesive Networks VNS3 Command Injection Remote Code Execution Vulnerability. This vulnerability...
Critical
Unreviewed
CVE-2024-8806
was published
Nov 22, 2024
D-Link DI-8200 16.07.26A1 is vulnerable to remote command execution in the msp_info_htm function...
Critical
Unreviewed
CVE-2024-51151
was published
Nov 22, 2024
A vulnerability in the web UI of Cisco IND could allow an authenticated, remote attacker to...
Critical
Unreviewed
CVE-2023-20036
was published
Nov 15, 2024
Certain EOL GeoVision devices have an OS Command Injection vulnerability. Unauthenticated remote...
Critical
Unreviewed
CVE-2024-11120
was published
Nov 15, 2024
A Python command injection vulnerability exists in the `SagemakerLLM` class's `complete()` method...
Critical
Unreviewed
CVE-2024-4343
was published
Nov 14, 2024
Command injection in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure...
Critical
Unreviewed
CVE-2024-11005
was published
Nov 12, 2024
Command injection in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure...
Critical
Unreviewed
CVE-2024-11006
was published
Nov 12, 2024
Command injection in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure...
Critical
Unreviewed
CVE-2024-11007
was published
Nov 12, 2024
EnGenius EWS356-FIT devices through 1.1.30 allow blind OS command injection. This allows an...
Critical
Unreviewed
CVE-2024-36061
was published
Nov 11, 2024
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected...
Critical
Unreviewed
CVE-2024-46890
was published
Nov 12, 2024
A vulnerability was found in D-Link DNS-320, DNS-320LW, DNS-325 and DNS-340L up to 20241028. It...
Critical
Unreviewed
CVE-2024-10915
was published
Nov 6, 2024
The pwrstudio web application of EV Charger (in the server in Circontrol Raption through 5.6.2)...
Critical
Unreviewed
CVE-2020-8007
was published
Nov 8, 2024
Dell Enterprise SONiC OS, version(s) 4.1.x, 4.2.x, contain(s) an Improper Neutralization of...
Critical
Unreviewed
CVE-2024-45763
was published
Nov 8, 2024
Dell Enterprise SONiC OS, version(s) 4.1.x, 4.2.x, contain(s) an Improper Neutralization of...
Critical
Unreviewed
CVE-2024-45765
was published
Nov 8, 2024
ProTip!
Advisories are also available from the
GraphQL API