GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 3,972
Erlang: 29
GitHub Actions: 16
Go: 1,762
Maven: 4,983
npm: 3,518
NuGet: 609
pip: 3,094
Pub: 10
RubyGems: 833
Rust: 782
Swift: 34
Unreviewed advisories
All unreviewed: 5,000+
1,746 advisories
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions...
Severity: High. Unreviewed. CVE-2024-36983 was published Jul 1, 2024.

This Advisory describes an issue that impacts Arista Wireless Access Points. Any entity with the...
Severity: High. Unreviewed. CVE-2024-4578 was published Jun 27, 2024.

TELSAT marKoni FM Transmitters are vulnerable to a command injection vulnerability through the...
Severity: Unknown. Unreviewed. CVE-2024-39373 was published Jun 27, 2024.

In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Remote Code Execution...
Severity: Critical. Unreviewed. CVE-2024-4884 was published Jun 25, 2024.

In WhatsUp Gold versions released before 2023.1.3, a Remote Code Execution issue exists in...
Severity: Critical. Unreviewed. CVE-2024-4883 was published Jun 25, 2024.

OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable...
Severity: High. Unreviewed. CVE-2024-4639 was published Jun 25, 2024.

OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable...
Severity: High. Unreviewed. CVE-2024-4638 was published Jun 25, 2024.

WAVLINK WN551K1 found a command injection vulnerability through the IP parameter of /cgi-bin...
Severity: Moderate. Unreviewed. CVE-2024-38894 was published Jun 24, 2024.

WAVLINK WN551K1 found a command injection vulnerability through the start_hour parameter of /cgi...
Severity: Moderate. Unreviewed. CVE-2024-38896 was published Jun 24, 2024.

H3C Magic R230 V100R002's udpserver opens port 9034, allowing attackers to execute arbitrary...
Severity: Moderate. Unreviewed. CVE-2024-38903 was published Jun 24, 2024.

The CRUDDIY project is vulnerable to shell command injection via sending a crafted POST request...
Severity: High. Unreviewed. CVE-2024-4748 was published Jun 24, 2024.

Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability...
Severity: Critical. Unreviewed. CVE-2024-37091 was published Jun 24, 2024.

A vulnerability has been found in Ruijie RG-UAC 1.0 and classified as critical. This...
Severity: Moderate. Unreviewed. CVE-2024-6269 was published Jun 23, 2024.

Actual Analyzer through 2014-08-29 allows code execution via shell metacharacters because...
Severity: Critical. Unreviewed. CVE-2014-5470 was published Jun 22, 2024.

TRENDnet TEW-814DAP v1_(FW1.01B01) was discovered to contain a command injection vulnerability...
Severity: Critical. Unreviewed. CVE-2024-37642 was published Jun 14, 2024.

On Mitel 6869i 4.5.0.41 devices, the Manual Firmware Update (upgrade.html) page does not perform...
Severity: High. Unreviewed. CVE-2024-37570 was published Jun 9, 2024.

An issue was discovered on Mitel 6869i through 4.5.0.41 and 5.x through 5.0.0.1018 devices. A...
Severity: High. Unreviewed. CVE-2024-37569 was published Jun 9, 2024.

A vulnerability in the PyTorch's torch.distributed.rpc framework, specifically in versions prior...
Severity: Critical. Unreviewed. CVE-2024-5480 was published Jun 6, 2024.

Tenda O3V2 v1.0.0.12(3880) was discovered to contain a Blind Command Injection via stpEn...
Severity: Critical. Unreviewed. CVE-2024-36604 was published Jun 4, 2024.

Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability...
Severity: Critical. Unreviewed. CVE-2024-34792 was published Jun 4, 2024.

A command injection vulnerability exists in the gradio-app/gradio repository, specifically within...
Severity: High. Unreviewed. CVE-2024-4253 was published Jun 4, 2024.

A remote code execution (RCE) vulnerability exists in the parisneo/lollms-webui, specifically...
Severity: High. Unreviewed. CVE-2024-4267 was published May 22, 2024.

A vulnerability was found in Arris VAP2500 08.50. It has been rated as critical. Affected by this...
Severity: Moderate. Unreviewed. CVE-2024-5195 was published May 22, 2024.

A vulnerability was found in Arris VAP2500 08.50. It has been declared as critical. Affected by...
Severity: Moderate. Unreviewed. CVE-2024-5194 was published May 22, 2024.

A vulnerability classified as critical has been found in Arris VAP2500 08.50. This affects an...
Severity: Moderate. Unreviewed. CVE-2024-5196 was published May 22, 2024.
ProTip! Advisories are also available from the GraphQL API.