GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,878
Composer 4,266
Erlang 31
GitHub Actions 21
Go 2,035
Maven 5,219
npm 3,732
NuGet 662
pip 3,413
Pub 12
RubyGems 891
Rust 865
Swift 36

Unreviewed advisories

All unreviewed 237,797

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

332 advisories

Filter by severity

Sort by

Least recently updated

A vulnerability was found in WeiYe-Jing datax-web 2.1.1. It has been classified as critical. This... Moderate Unreviewed

CVE-2024-12358 was published Dec 9, 2024

An issue in TOTOLINK-CX-A3002RU V1.0.4-B20171106.1512 and TOTOLINK-CX-N150RT V2.1.6-B20171121... Moderate Unreviewed

CVE-2024-51228 was published Nov 27, 2024

A privilege escalation vulnerability in Palo Alto Networks PAN-OS software allows a PAN-OS... Moderate Unreviewed

CVE-2024-9474 was published Nov 18, 2024

The Logo Slider WordPress plugin before 4.5.0 does not sanitise and escape some of its Logo and... Moderate Unreviewed

CVE-2024-10896 was published Nov 28, 2024

A vulnerability was found in DedeCMS up to 5.7.115. It has been rated as critical. This issue... Moderate Unreviewed

CVE-2024-9076 was published Sep 22, 2024

A CWE-798 "Use of Hard-coded Credentials" was discovered affecting the following devices... Moderate Unreviewed

CVE-2024-50377 was published Nov 26, 2024

Visteon Infotainment REFLASH_DDU_ExtractFile Command Injection Remote Code Execution... Moderate Unreviewed

CVE-2024-8360 was published Nov 23, 2024

Visteon Infotainment REFLASH_DDU_FindFile Command Injection Remote Code Execution Vulnerability.... Moderate Unreviewed

CVE-2024-8359 was published Nov 23, 2024

Visteon Infotainment UPDATES_ExtractFile Command Injection Remote Code Execution Vulnerability.... Moderate Unreviewed

CVE-2024-8358 was published Nov 23, 2024

Wyze Cam v3 Wi-Fi SSID OS Command Injection Remote Code Execution Vulnerability. This... Moderate Unreviewed

CVE-2024-6247 was published Nov 22, 2024

A vulnerability in the web-based management interface and in the API subsystem of Cisco&nbsp... Moderate Unreviewed

CVE-2022-20652 was published Nov 15, 2024

A vulnerability in the web management interface of Cisco AsyncOS for Cisco Secure Web... Moderate Unreviewed

CVE-2022-20871 was published Nov 15, 2024

Multiple improper neutralization of special elements used in an OS command ('OS Command Injection... Moderate Unreviewed

CVE-2024-32118 was published Nov 12, 2024

A post-authentication command injection vulnerability in the CGI program in the Zyxel GS1900-48... Moderate Unreviewed

CVE-2024-8881 was published Nov 12, 2024

A vulnerability has been found in didi Super-Jacoco 1.0 and classified as critical. Affected by... Moderate Unreviewed

CVE-2024-10919 was published Nov 6, 2024

Brandon Rothel from QED Secure Solutions has found that the VAPIX API tcptest.cgi did not have a... Moderate Unreviewed

CVE-2023-5677 was published Feb 5, 2024

An issue was discovered in Logpoint before 7.5.0. Unvalidated input during the EventHub Collector... Moderate Unreviewed

CVE-2024-48954 was published Nov 7, 2024

A vulnerability classified as critical was found in Tenda AC1206 up to 15.03.06.23. This... Moderate Unreviewed

CVE-2024-9793 was published Oct 10, 2024

A local user with administrative access rights can enter specialy crafted values for settings at... Moderate Unreviewed

CVE-2024-8934 was published Oct 31, 2024

A vulnerability in the cluster backup feature of Cisco Secure Firewall Management Center (FMC)... Moderate Unreviewed

CVE-2024-20275 was published Oct 23, 2024

A vulnerability classified as critical has been found in mikexstudios Xcomic up to 0.8.2. This... Moderate Unreviewed

CVE-2005-10003 was published Oct 17, 2024

A vulnerability in the CLI of Cisco ATA 190 Series Analog Telephone Adapter firmware could... Moderate Unreviewed

CVE-2024-20461 was published Oct 16, 2024

A vulnerability in the web-based management interface of Cisco ATA 190 Multiplatform Series... Moderate Unreviewed

CVE-2024-20459 was published Oct 16, 2024

The OBS service obs-service-download_url was vulnerable to a command injection vulnerability. The... Moderate Unreviewed

CVE-2024-22033 was published Oct 16, 2024

A vulnerability, which was classified as critical, was found in MitraStar GPT-2541GNAC BR_g5.6_1... Moderate Unreviewed

CVE-2024-9977 was published Oct 15, 2024

Previous 1 2 3 4 5 … 13 14 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

332 advisories