Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,205 advisories

Loading
Splinefont in FontForge through 20230101 allows command injection via crafted filenames. Moderate Unreviewed
CVE-2024-25081 was published Feb 26, 2024
An issue was discovered in Linksys Router E1700 version 1.0.04 (build 3), allows authenticated... High Unreviewed
CVE-2024-22544 was published Feb 27, 2024
Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote... High Unreviewed
CVE-2024-26297 was published Feb 28, 2024
Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote... High Unreviewed
CVE-2024-26295 was published Feb 28, 2024
Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote... High Unreviewed
CVE-2024-26296 was published Feb 28, 2024
Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote... High Unreviewed
CVE-2024-26298 was published Feb 28, 2024
Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote... High Unreviewed
CVE-2024-26294 was published Feb 28, 2024
An issue in TRENDnet TEW-822DRE v.1.03B02 allows a local attacker to execute arbitrary code via... Moderate Unreviewed
CVE-2023-51835 was published Feb 29, 2024
Authenticated command injection vulnerabilities exist in the ArubaOS command line interface.... High Unreviewed
CVE-2024-1356 was published Mar 5, 2024
Authenticated command injection vulnerabilities exist in the ArubaOS command line interface.... High Unreviewed
CVE-2024-25612 was published Mar 5, 2024
Authenticated command injection vulnerabilities exist in the ArubaOS command line interface.... High Unreviewed
CVE-2024-25611 was published Mar 5, 2024
Authenticated command injection vulnerabilities exist in the ArubaOS command line interface.... High Unreviewed
CVE-2024-25613 was published Mar 5, 2024
PaddlePaddle command injection vulnerability Critical
CVE-2024-0817 was published for paddlepaddle (pip) Mar 7, 2024
1Panel is vulnerable to command injection Moderate
CVE-2024-2352 was published for github.com/1Panel-dev/1Panel (Go) Mar 10, 2024
Outlook for Android Information Disclosure Vulnerability High Unreviewed
CVE-2024-26204 was published Mar 12, 2024
Vinchin Backup and Recovery 7.2 and Earlier is vulnerable to Authenticated Remote Code Execution ... High Unreviewed
CVE-2024-25228 was published Mar 14, 2024
There is a command injection vulnerability in the TRENDnet TEW-827DRU router with firmware... Critical Unreviewed
CVE-2024-28354 was published Mar 15, 2024
There is a command injection vulnerability in the TRENDnet TEW-827DRU router with firmware... High Unreviewed
CVE-2024-28353 was published Mar 15, 2024
FitNesse allows execution of arbitrary OS commands Critical
CVE-2024-28125 was published for org.fitnesse:fitnesse (Maven) Mar 18, 2024
RCE in TranformGraph().to_dot_graph function High
CVE-2023-41334 was published for astropy (pip) Mar 18, 2024
u32i
A vulnerability was found in Ruijie RG-NBS2009G-P up to 20240305. It has been declared as... High Unreviewed
CVE-2024-2642 was published Mar 20, 2024
Distrobox before 1.7.0.1 allows attackers to execute arbitrary code via command injection into... Critical Unreviewed
CVE-2024-29864 was published Mar 21, 2024
DIR-845L router <= v1.01KRb03 has an Unauthenticated remote code execution vulnerability in the... Critical Unreviewed
CVE-2024-29385 was published Mar 22, 2024
A command injection vulnerability exists in the cgibin binary in DIR-845L router firmware <= v1... High Unreviewed
CVE-2024-29366 was published Mar 22, 2024
HGW BL1500HM Ver 002.001.013 and earlier allows a network-adjacent unauthenticated attacker to... High Unreviewed
CVE-2024-28041 was published Mar 25, 2024
ProTip! Advisories are also available from the GraphQL API