Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,988
Erlang
29
GitHub Actions
16
Go
1,779
Maven
5,000+
npm
3,544
NuGet
619
pip
3,130
Pub
10
RubyGems
838
Rust
792
Swift
34
Unreviewed advisories
All unreviewed
5,000+

955 advisories

Loading
Livestatus Query Language (LQL) injection in the AuthUser HTTP query header of Tribe29's Checkmk ... High Unreviewed
CVE-2022-47909 was published Feb 20, 2023
A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 HF1).... High Unreviewed
CVE-2024-39567 was published Jul 9, 2024
A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 HF1).... High Unreviewed
CVE-2024-39568 was published Jul 9, 2024
A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 HF1).... High Unreviewed
CVE-2024-39569 was published Jul 9, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 HF1).... High Unreviewed
CVE-2024-39571 was published Jul 9, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 HF1).... High Unreviewed
CVE-2024-39570 was published Jul 9, 2024
A local privilege escalation vlnerability in the WatchGuard Mobile VPN with SSL client on Windows... High Unreviewed
CVE-2024-4944 was published Jul 9, 2024
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions... High Unreviewed
CVE-2024-36983 was published Jul 1, 2024
Vanna prompt injection code execution High
CVE-2024-5565 was published for vanna (pip) May 31, 2024
A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05), CP-8050... High Unreviewed
CVE-2023-33919 was published Jun 13, 2023
A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V5... High Unreviewed
CVE-2024-31485 was published May 14, 2024
Command injection vulnerability in nw_interface.html in SHARP multifunction printers (MFPs)'s... High Unreviewed
CVE-2022-45796 was published Dec 27, 2022
A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could... High Unreviewed
CVE-2024-20326 was published May 16, 2024
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain a command injection... High Unreviewed
CVE-2024-32355 was published May 14, 2024
A Blind command injection vulnerability in Tenda O3V2 V1.0.0.12 and earlier allows remote... High Unreviewed
CVE-2024-34338 was published May 14, 2024
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability via the... High Unreviewed
CVE-2024-33788 was published May 6, 2024
D-Link DIR-822+ V1.0.5 was found to contain a command injection in SetPlcNetworkpwd function of... High Unreviewed
CVE-2024-33342 was published Apr 26, 2024
A Heap Overflow vulnerability in WLInfoRailService component of Ivanti Avalanche before 6.4.3... High Unreviewed
CVE-2024-22061 was published Apr 19, 2024
Tenda W30E v1.0 V1.0.1.25(633) firmware contains a command injection vulnerablility in the... High Unreviewed
CVE-2024-32292 was published Apr 17, 2024
Tenda FH1203 V2.0.1.6 firmware has a command injection vulnerablility in formexeCommand function... High Unreviewed
CVE-2024-32283 was published Apr 17, 2024
Tenda AC7V1.0 v15.03.06.44 firmware contains a command injection vulnerablility in formexeCommand... High Unreviewed
CVE-2024-32281 was published Apr 17, 2024
VMware SD-WAN Edge contains an unauthenticated command injection vulnerability potentially... High Unreviewed
CVE-2024-22246 was published Apr 2, 2024
Tenda F1202 v1.2.0.20(408) has a command injection vulnerablility in the formWriteFacMac function... High Unreviewed
CVE-2024-30637 was published Mar 29, 2024
Authenticated command injection vulnerabilities exist in the ArubaOS command line interface.... High Unreviewed
CVE-2024-25611 was published Mar 5, 2024
Authenticated command injection vulnerabilities exist in the ArubaOS command line interface.... High Unreviewed
CVE-2024-1356 was published Mar 5, 2024
ProTip! Advisories are also available from the GraphQL API