Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,972
Erlang
29
GitHub Actions
16
Go
1,762
Maven
4,983
npm
3,518
NuGet
609
pip
3,094
Pub
10
RubyGems
833
Rust
782
Swift
34
Unreviewed advisories
All unreviewed
5,000+

949 advisories

Loading
HashiCorp go-getter Vulnerable to Code Execution On Git Update Via Git Config Manipulation High
CVE-2024-6257 was published for github.com/hashicorp/go-getter (Go) Jun 25, 2024
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions... High Unreviewed
CVE-2024-36983 was published Jul 1, 2024
Cisco Adaptive Security Appliance (ASA) Software before 8.4(1) on ASA 5500, ASA 5500-X, PIX, and... High Unreviewed
CVE-2016-6367 was published May 17, 2022
The D-Link DIR-645 Wired/Wireless Router Rev. Ax with firmware 1.04b12 and earlier allows remote... High Unreviewed
CVE-2015-2051 was published May 17, 2022
Shell Injection vulnerability GL.iNet A1300 v4.4.6, AX1800 v4.4.6, AXT1800 v4.4.6, MT3000 v4.4.6,... High Unreviewed
CVE-2023-50445 was published Dec 28, 2023
Authenticated command injection vulnerabilities exist in the ArubaOS command line interface.... High Unreviewed
CVE-2024-1356 was published Mar 5, 2024
Authenticated command injection vulnerabilities exist in the ArubaOS command line interface.... High Unreviewed
CVE-2024-25612 was published Mar 5, 2024
Authenticated command injection vulnerabilities exist in the ArubaOS command line interface.... High Unreviewed
CVE-2024-25611 was published Mar 5, 2024
Authenticated command injection vulnerabilities exist in the ArubaOS command line interface.... High Unreviewed
CVE-2024-25613 was published Mar 5, 2024
Tenda F1202 v1.2.0.20(408) has a command injection vulnerablility in the formWriteFacMac function... High Unreviewed
CVE-2024-30637 was published Mar 29, 2024
VMware SD-WAN Edge contains an unauthenticated command injection vulnerability potentially... High Unreviewed
CVE-2024-22246 was published Apr 2, 2024
Tenda AC7V1.0 v15.03.06.44 firmware contains a command injection vulnerablility in formexeCommand... High Unreviewed
CVE-2024-32281 was published Apr 17, 2024
Tenda FH1203 V2.0.1.6 firmware has a command injection vulnerablility in formexeCommand function... High Unreviewed
CVE-2024-32283 was published Apr 17, 2024
Tenda W30E v1.0 V1.0.1.25(633) firmware contains a command injection vulnerablility in the... High Unreviewed
CVE-2024-32292 was published Apr 17, 2024
A Heap Overflow vulnerability in WLInfoRailService component of Ivanti Avalanche before 6.4.3... High Unreviewed
CVE-2024-22061 was published Apr 19, 2024
D-Link DIR-822+ V1.0.5 was found to contain a command injection in SetPlcNetworkpwd function of... High Unreviewed
CVE-2024-33342 was published Apr 26, 2024
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability via the... High Unreviewed
CVE-2024-33788 was published May 6, 2024
A Blind command injection vulnerability in Tenda O3V2 V1.0.0.12 and earlier allows remote... High Unreviewed
CVE-2024-34338 was published May 14, 2024
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain a command injection... High Unreviewed
CVE-2024-32355 was published May 14, 2024
A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could... High Unreviewed
CVE-2024-20326 was published May 16, 2024
Command injection vulnerability in nw_interface.html in SHARP multifunction printers (MFPs)'s... High Unreviewed
CVE-2022-45796 was published Dec 27, 2022
A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V5... High Unreviewed
CVE-2024-31485 was published May 14, 2024
A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05), CP-8050... High Unreviewed
CVE-2023-33919 was published Jun 13, 2023
Vanna prompt injection code execution High
CVE-2024-5565 was published for vanna (pip) May 31, 2024
ProTip! Advisories are also available from the GraphQL API