GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,205 advisories
Splinefont in FontForge through 20230101 allows command injection via crafted filenames.
Moderate, Unreviewed. CVE-2024-25081 was published Feb 26, 2024

An issue was discovered in Linksys Router E1700 version 1.0.04 (build 3), allows authenticated...
High, Unreviewed. CVE-2024-22544 was published Feb 27, 2024

Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote...
High, Unreviewed. CVE-2024-26297 was published Feb 28, 2024

Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote...
High, Unreviewed. CVE-2024-26295 was published Feb 28, 2024

Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote...
High, Unreviewed. CVE-2024-26296 was published Feb 28, 2024

Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote...
High, Unreviewed. CVE-2024-26298 was published Feb 28, 2024

Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote...
High, Unreviewed. CVE-2024-26294 was published Feb 28, 2024

An issue in TRENDnet TEW-822DRE v.1.03B02 allows a local attacker to execute arbitrary code via...
Moderate, Unreviewed. CVE-2023-51835 was published Feb 29, 2024

Authenticated command injection vulnerabilities exist in the ArubaOS command line interface....
High, Unreviewed. CVE-2024-1356 was published Mar 5, 2024

Authenticated command injection vulnerabilities exist in the ArubaOS command line interface....
High, Unreviewed. CVE-2024-25612 was published Mar 5, 2024

Authenticated command injection vulnerabilities exist in the ArubaOS command line interface....
High, Unreviewed. CVE-2024-25611 was published Mar 5, 2024

Authenticated command injection vulnerabilities exist in the ArubaOS command line interface....
High, Unreviewed. CVE-2024-25613 was published Mar 5, 2024

PaddlePaddle command injection vulnerability
Critical. CVE-2024-0817 was published for paddlepaddle (pip) Mar 7, 2024

1Panel is vulnerable to command injection
Moderate. CVE-2024-2352 was published for github.com/1Panel-dev/1Panel (Go) Mar 10, 2024

Outlook for Android Information Disclosure Vulnerability
High, Unreviewed. CVE-2024-26204 was published Mar 12, 2024

Vinchin Backup and Recovery 7.2 and Earlier is vulnerable to Authenticated Remote Code Execution ...
High, Unreviewed. CVE-2024-25228 was published Mar 14, 2024

There is a command injection vulnerability in the TRENDnet TEW-827DRU router with firmware...
Critical, Unreviewed. CVE-2024-28354 was published Mar 15, 2024

There is a command injection vulnerability in the TRENDnet TEW-827DRU router with firmware...
High, Unreviewed. CVE-2024-28353 was published Mar 15, 2024

FitNesse allows execution of arbitrary OS commands
Critical. CVE-2024-28125 was published for org.fitnesse:fitnesse (Maven) Mar 18, 2024

RCE in TranformGraph().to_dot_graph function
High. CVE-2023-41334 was published for astropy (pip) Mar 18, 2024

A vulnerability was found in Ruijie RG-NBS2009G-P up to 20240305. It has been declared as...
High, Unreviewed. CVE-2024-2642 was published Mar 20, 2024

Distrobox before 1.7.0.1 allows attackers to execute arbitrary code via command injection into...
Critical, Unreviewed. CVE-2024-29864 was published Mar 21, 2024

DIR-845L router <= v1.01KRb03 has an Unauthenticated remote code execution vulnerability in the...
Critical, Unreviewed. CVE-2024-29385 was published Mar 22, 2024

A command injection vulnerability exists in the cgibin binary in DIR-845L router firmware <= v1...
High, Unreviewed. CVE-2024-29366 was published Mar 22, 2024

HGW BL1500HM Ver 002.001.013 and earlier allows a network-adjacent unauthenticated attacker to...
High, Unreviewed. CVE-2024-28041 was published Mar 25, 2024