Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+

2,305 advisories

Loading
A vulnerability in NuPoint Messenger (NPM) of Mitel MiCollab through 9.8.0.33 allows an... Critical Unreviewed
CVE-2024-35285 was published Oct 21, 2024
An issue in DCME-320-L <=9.3.2.114 allows a remote attacker to execute arbitrary code via the... Critical Unreviewed
CVE-2024-48659 was published Oct 21, 2024
A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028 and classified... Moderate Unreviewed
CVE-2024-10193 was published Oct 20, 2024
The `add_llm` function in `llm_app.py` in infiniflow/ragflow version 0.11.0 contains a remote... Critical Unreviewed
CVE-2024-10131 was published Oct 19, 2024
Grafana Command Injection And Local File Inclusion Via Sql Expressions Critical
CVE-2024-9264 was published for github.com/grafana/grafana (Go) Oct 18, 2024
Malayke
Netgear R7000 1.0.11.136 is vulnerable to Command Injection in RMT_invite.cgi via device_name2... High Unreviewed
CVE-2024-35520 was published Oct 15, 2024
Netgear EX6120 v1.0.0.68 is vulnerable to Command Injection in genie_fix2.cgi via the... High Unreviewed
CVE-2024-35518 was published Oct 15, 2024
Netgear EX6120 v1.0.0.68, Netgear EX6100 v1.0.2.28, and Netgear EX3700 v1.0.0.96 are vulnerable... High Unreviewed
CVE-2024-35519 was published Oct 15, 2024
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and... Critical Unreviewed
CVE-2024-48153 was published Oct 14, 2024
Netgear XR1000 v1.0.0.64 is vulnerable to command injection in usb_remote_smb_conf.cgi via the... High Unreviewed
CVE-2024-35517 was published Oct 12, 2024
Netgear EX3700 ' AC750 WiFi Range Extender Essentials Edition before 1.0.0.98 contains an... High Unreviewed
CVE-2024-35522 was published Oct 12, 2024
A vulnerability was discovered in DI_8200-16.07.26A1, which has been classified as critical. This... High Unreviewed
CVE-2024-44413 was published Oct 11, 2024
A Command Injection vulnerability in Juniper Networks Junos Space allows an unauthenticated,... Moderate Unreviewed
CVE-2024-39563 was published Oct 11, 2024
A vulnerability classified as critical was found in Tenda AC1206 up to 15.03.06.23. This... Moderate Unreviewed
CVE-2024-9793 was published Oct 10, 2024
Mware NSX contains a command injection vulnerability.  A malicious actor with access to the NSX... Moderate Unreviewed
CVE-2024-38817 was published Oct 9, 2024
In Progress Telerik Reporting versions prior to 2024 Q3 (2024.3.924), a command injection attack... High Unreviewed
CVE-2024-7840 was published Oct 9, 2024
In linkturbonative service, there is a possible command injection due to improper input... Moderate Unreviewed
CVE-2024-39438 was published Oct 9, 2024
In linkturbonative service, there is a possible command injection due to improper input... Moderate Unreviewed
CVE-2024-39436 was published Oct 9, 2024
In linkturbonative service, there is a possible command injection due to improper input... Moderate Unreviewed
CVE-2024-39437 was published Oct 9, 2024
Azure Command Line Integration (CLI) Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-43591 was published Oct 8, 2024
Visual Studio Code for Linux Remote Code Execution Vulnerability High Unreviewed
CVE-2024-43601 was published Oct 8, 2024
DeepSpeed Remote Code Execution Vulnerability High
CVE-2024-43497 was published for deepspeed (pip) Oct 8, 2024
An OS command injection vulnerability in the admin web console of Ivanti CSA before version 5.0.2... High Unreviewed
CVE-2024-9380 was published Oct 8, 2024
A vulnerability has been identified in Siemens SINEC Security Monitor (All versions < V4.9.0).... Critical Unreviewed
CVE-2024-47562 was published Oct 8, 2024
A vulnerability in the restricted shell of Cisco Expressway Series could allow an authenticated,... Moderate Unreviewed
CVE-2024-20492 was published Oct 2, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database