GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,988
Erlang
29
GitHub Actions
16
Go
1,776
Maven
5,000+
npm
3,542
NuGet
617
pip
3,125
Pub
10
RubyGems
838
Rust
790
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,754 advisories
Filter by severity
In WhatsUp Gold versions released before 2023.1.3, a Remote Code Execution issue exists in...
Critical
Unreviewed
CVE-2024-4883
was published
Jun 25, 2024
In WhatsUp Gold versions released before 2023.1.3, an unauthenticated Remote Code Execution...
Critical
Unreviewed
CVE-2024-4884
was published
Jun 25, 2024
OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable...
High
Unreviewed
CVE-2024-4639
was published
Jun 25, 2024
OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable...
High
Unreviewed
CVE-2024-4638
was published
Jun 25, 2024
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability...
Critical
Unreviewed
CVE-2024-37091
was published
Jun 24, 2024
A vulnerability has been found in Ruijie RG-UAC 1.0 and classified as critical. This...
Moderate
Unreviewed
CVE-2024-6269
was published
Jun 23, 2024
xterm before 375 allows code execution via font ops, e.g., because an OSC 50 response may have...
Critical
Unreviewed
CVE-2022-45063
was published
Nov 10, 2022
On Mitel 6869i 4.5.0.41 devices, the Manual Firmware Update (upgrade.html) page does not perform...
High
Unreviewed
CVE-2024-37570
was published
Jun 9, 2024
An issue was discovered on Mitel 6869i through 4.5.0.41 and 5.x through 5.0.0.1018 devices. A...
High
Unreviewed
CVE-2024-37569
was published
Jun 9, 2024
Tenda O3V2 v1.0.0.12(3880) was discovered to contain a Blind Command Injection via stpEn...
Critical
Unreviewed
CVE-2024-36604
was published
Jun 4, 2024
A vulnerability in the PyTorch's torch.distributed.rpc framework, specifically in versions prior...
Critical
Unreviewed
CVE-2024-5480
was published
Jun 6, 2024
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability...
Critical
Unreviewed
CVE-2024-34792
was published
Jun 4, 2024
A command injection vulnerability exists in the gradio-app/gradio repository, specifically within...
High
Unreviewed
CVE-2024-4253
was published
Jun 4, 2024
A remote code execution (RCE) vulnerability exists in the parisneo/lollms-webui, specifically...
High
Unreviewed
CVE-2024-4267
was published
May 22, 2024
A vulnerability was found in Arris VAP2500 08.50. It has been declared as critical. Affected by...
Moderate
Unreviewed
CVE-2024-5194
was published
May 22, 2024
A vulnerability classified as critical has been found in Arris VAP2500 08.50. This affects an...
Moderate
Unreviewed
CVE-2024-5196
was published
May 22, 2024
A vulnerability was found in Arris VAP2500 08.50. It has been rated as critical. Affected by this...
Moderate
Unreviewed
CVE-2024-5195
was published
May 22, 2024
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability...
High
Unreviewed
CVE-2024-1417
was published
May 16, 2024
A vulnerability in the web-based management interface of multiple Ligowave devices could allow an...
Unknown
Unreviewed
CVE-2024-4999
was published
May 16, 2024
A vulnerability in the parisneo/lollms, specifically in the `/unInstall_binding` endpoint, allows...
Critical
Unreviewed
CVE-2024-4078
was published
May 16, 2024
A remote code execution vulnerability exists in the parisneo/lollms-webui application,...
Critical
Unreviewed
CVE-2024-2366
was published
May 16, 2024
A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS...
Critical
Unreviewed
CVE-2024-3400
was published
Apr 12, 2024
The Delta Electronics DVW-W02W2-E2 devices expose a web administration interface to users. This...
High
Unreviewed
CVE-2024-3871
was published
Apr 16, 2024
An OS command injection vulnerability has been reported to affect several QNAP operating system...
Critical
Unreviewed
CVE-2024-32766
was published
Apr 26, 2024
A vulnerability was found in Beijing Baichuo Smart S85F Management Platform up to 20230807. It...
Moderate
Unreviewed
CVE-2023-4414
was published
Aug 18, 2023
ProTip!
Advisories are also available from the
GraphQL API