GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
195 advisories
A vulnerability was found in TOTOLINK A3100R 4.1.2cu.5050_B20200504. It has been declared as...
Moderate | Unreviewed | CVE-2024-7158 was published Jul 28, 2024
A vulnerability classified as critical has been found in TOTOLINK A3700R 9.1.2u.5822_B20200513....
Moderate | Unreviewed | CVE-2024-7160 was published Jul 28, 2024
In streampark, the project module integrates Maven's compilation capabilities. The input...
Moderate | Unreviewed | CVE-2023-52291 was published Jul 17, 2024
In streampark, the project module integrates Maven's compilation capabilities. The input...
Moderate | Unreviewed | CVE-2024-29737 was published Jul 17, 2024
H3C Magic R230 V100R002's udpserver opens port 9034, allowing attackers to execute arbitrary...
Moderate | Unreviewed | CVE-2024-38903 was published Jun 24, 2024
WAVLINK WN551K1 found a command injection vulnerability through the IP parameter of /cgi-bin...
Moderate | Unreviewed | CVE-2024-38894 was published Jun 24, 2024
WAVLINK WN551K1 found a command injection vulnerability through the start_hour parameter of /cgi...
Moderate | Unreviewed | CVE-2024-38896 was published Jun 24, 2024
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an authenticated remote command...
Moderate | Unreviewed | CVE-2024-32349 was published May 14, 2024
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain a command injection...
Moderate | Unreviewed | CVE-2024-32354 was published May 14, 2024
TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection...
Moderate | Unreviewed | CVE-2024-34206 was published May 14, 2024
D-LINK DIR-845L <=v1.01KRb03 is vulnerable to information disclosure via bsc_sms_inbox.php.
Moderate | Unreviewed | CVE-2024-33113 was published May 6, 2024
TRENDnet TEW-815DAP 1.0.2.0 is vulnerable to Command Injection via the do_setNTP function. An...
Moderate | Unreviewed | CVE-2024-22546 was published Apr 30, 2024
CSV Injection vulnerability in the Asus RT-N12+ router allows administrator users to inject...
Moderate | Unreviewed | CVE-2024-28328 was published Apr 26, 2024
A vulnerability has been found in Ruijie RG-UAC 1.0 and classified as critical. This...
Moderate | Unreviewed | CVE-2024-6269 was published Jun 23, 2024
A vulnerability was found in Arris VAP2500 08.50. It has been rated as critical. Affected by this...
Moderate | Unreviewed | CVE-2024-5195 was published May 22, 2024
A vulnerability was found in Arris VAP2500 08.50. It has been declared as critical. Affected by...
Moderate | Unreviewed | CVE-2024-5194 was published May 22, 2024
A vulnerability classified as critical has been found in Arris VAP2500 08.50. This affects an...
Moderate | Unreviewed | CVE-2024-5196 was published May 22, 2024
A vulnerability was found in Beijing Baichuo Smart S85F Management Platform up to 20230807. It...
Moderate | Unreviewed | CVE-2023-4414 was published Aug 18, 2023
A privilege escalation vulnerability exists in the /bin/login functionality of Peplink Smart...
Moderate | Unreviewed | CVE-2023-40146 was published Apr 17, 2024
A vulnerability classified as critical has been found in Tenda AC500 2.0.1.9(1307). Affected is...
Moderate | Unreviewed | CVE-2024-3908 was published Apr 17, 2024
Post-authentication remote command injection vulnerabilities in Western Digital My Cloud OS 5...
Moderate | Unreviewed | CVE-2023-22815 was published Jul 1, 2023
A vulnerability was found in Beijing Baichuo Smart S85F Management Platform up to 20230722 and...
Moderate | Unreviewed | CVE-2023-4120 was published Aug 3, 2023
A command injection vulnerability exists in Trane XL824, XL850, XL1050, and Pivot thermostats...
Moderate | Unreviewed | CVE-2023-4212 was published Aug 22, 2023
Harman Infotainment 20190525031613 and later allows command injection via unauthenticated RPC...
Moderate | Unreviewed | CVE-2023-40293 was published Aug 14, 2023
Insufficient validation of untrusted input in Chromad in Google Chrome on ChromeOS prior to 115.0...
Moderate | Unreviewed | CVE-2023-3739 was published Aug 2, 2023
ProTip! Advisories are also available from the GraphQL API.