GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
263 advisories
Filter by severity
A vulnerability was found in Beijing Baichuo Smart S85F Management Platform up to 20230722 and...
Moderate
Unreviewed
CVE-2023-4120
was published
Aug 3, 2023
ScanCode.io command injection in docker image fetch process
Moderate
CVE-2023-39523
was published
for
scancodeio
(pip)
Aug 9, 2023
Harman Infotainment 20190525031613 and later allows command injection via unauthenticated RPC...
Moderate
Unreviewed
CVE-2023-40293
was published
Aug 14, 2023
A vulnerability in Cisco Intersight Virtual Appliance could allow an unauthenticated, adjacent...
Moderate
Unreviewed
CVE-2023-20237
was published
Aug 17, 2023
A vulnerability was found in Beijing Baichuo Smart S85F Management Platform up to 20230807. It...
Moderate
Unreviewed
CVE-2023-4414
was published
Aug 18, 2023
?A command injection vulnerability exists in Trane XL824, XL850, XL1050, and Pivot thermostats...
Moderate
Unreviewed
CVE-2023-4212
was published
Aug 22, 2023
A vulnerability in the ClearPass Policy Manager web-based management interface allows remote...
Moderate
Unreviewed
CVE-2023-43510
was published
Oct 25, 2023
Command Injection in pip when used with Mercurial
Moderate
CVE-2023-5752
was published
for
pip
(pip)
Oct 25, 2023
A vulnerability in a specific Cisco ISE CLI command could allow an authenticated, local attacker...
Moderate
Unreviewed
CVE-2023-20170
was published
Nov 1, 2023
An issue was discovered on Connectize AC21000 G6 641.139.1.1256 allows attackers to run arbitrary...
Moderate
Unreviewed
CVE-2023-24046
was published
Dec 5, 2023
SAP Solution Manager - version 720, allows an authorized attacker to execute certain deprecated...
Moderate
Unreviewed
CVE-2023-49587
was published
Dec 12, 2023
In Red Hat Advanced Cluster Security (RHACS), it was found that some security related HTTP...
Moderate
Unreviewed
CVE-2023-4958
was published
Dec 12, 2023
A vulnerability was found in Totolink LR1200GB 9.1.0u.6619_B20230130. It has been rated as...
Moderate
Unreviewed
CVE-2024-0291
was published
Jan 8, 2024
A vulnerability classified as critical was found in Totolink X2000R 1.0.0-B20221212.1452....
Moderate
Unreviewed
CVE-2024-0579
was published
Jan 16, 2024
An attacker with access to a Management Console user account with the editor role could escalate...
Moderate
Unreviewed
CVE-2024-0507
was published
Jan 16, 2024
A vulnerability in the web-based management interface of the Cisco WAP371 Wireless-AC/N Dual...
Moderate
Unreviewed
CVE-2024-20287
was published
Jan 17, 2024
A vulnerability was found in TRENDnet TEW-822DRE 1.03B02. It has been declared as critical. This...
Moderate
Unreviewed
CVE-2024-0920
was published
Jan 26, 2024
A vulnerability was found in TRENDnet TEW-815DAP 1.0.2.0. It has been classified as critical....
Moderate
Unreviewed
CVE-2024-0919
was published
Jan 26, 2024
An OS command injection vulnerability has been reported to affect several QNAP operating system...
Moderate
Unreviewed
CVE-2023-41281
was published
Feb 2, 2024
An OS command injection vulnerability has been reported to affect several QNAP operating system...
Moderate
Unreviewed
CVE-2023-41282
was published
Feb 2, 2024
An OS command injection vulnerability has been reported to affect several QNAP operating system...
Moderate
Unreviewed
CVE-2023-41283
was published
Feb 2, 2024
In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an authenticated user with network...
Moderate
Unreviewed
CVE-2023-49716
was published
Feb 9, 2024
An OS command injection vulnerability has been reported to affect several QNAP operating system...
Moderate
Unreviewed
CVE-2023-47218
was published
Feb 13, 2024
A vulnerability was found in Totolink X6000R AX3000 9.4.0cu.852_20230719. It has been rated as...
Moderate
Unreviewed
CVE-2024-1781
was published
Feb 23, 2024
Splinefont in FontForge through 20230101 allows command injection via crafted filenames.
Moderate
Unreviewed
CVE-2024-25081
was published
Feb 26, 2024
ProTip!
Advisories are also available from the
GraphQL API