Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,683
Erlang
29
GitHub Actions
16
Go
1,708
Maven
4,944
npm
3,473
NuGet
603
pip
2,995
Pub
10
RubyGems
826
Rust
773
Swift
34
Unreviewed advisories
All unreviewed
5,000+

918 advisories

Multiple authenticated command injection vulnerabilities exist in the Aruba InstantOS and ArubaOS... High Unreviewed
CVE-2023-22789 was published Jul 6, 2023
Multiple authenticated command injection vulnerabilities exist in the Aruba InstantOS and ArubaOS... High Unreviewed
CVE-2023-22790 was published Jul 6, 2023
Multiple authenticated command injection vulnerabilities exist in the Aruba InstantOS and ArubaOS... High Unreviewed
CVE-2023-22788 was published Jul 6, 2023
A post-authentication command injection vulnerability in the “account_operator.cgi” CGI program... High Unreviewed
CVE-2023-22913 was published Jul 6, 2023
In Splunk Enterprise versions below 8.1.13, 8.2.10, and 9.0.4, the ‘display.page.search.patterns... High Unreviewed
CVE-2023-22935 was published Jul 6, 2023
An attacker with physical access to Moxa's bootloader versions of UC-8580 Series V1.1, UC-8540... High Unreviewed
CVE-2022-3086 was published Jul 6, 2023
Two OS command injection vulnerability exist in the vtysh_ubus toolsh_excute.constprop.1... High Unreviewed
CVE-2023-24520 was published Jul 6, 2023
Two OS command injection vulnerability exist in the vtysh_ubus toolsh_excute.constprop.1... High Unreviewed
CVE-2023-24519 was published Jul 6, 2023
Two OS command injection vulnerabilities exist in the urvpn_client cmd_name_action functionality... High Unreviewed
CVE-2023-24582 was published Jul 6, 2023
Two OS command injection vulnerabilities exist in the urvpn_client cmd_name_action functionality... High Unreviewed
CVE-2023-24583 was published Jul 6, 2023
An OS command injection vulnerability exists in the libzebra.so bridge_group functionality of... High Unreviewed
CVE-2023-22306 was published Jul 6, 2023
An os command injection vulnerability exists in the liburvpn.so create_private_key functionality... High Unreviewed
CVE-2023-22371 was published Jul 6, 2023
An OS command injection vulnerability exists in the ys_thirdparty user_delete functionality of... High Unreviewed
CVE-2023-23550 was published Jul 6, 2023
An os command injection vulnerability exists in the libzebra.so change_hostname functionality of... High Unreviewed
CVE-2023-22659 was published Jul 6, 2023
Authenticated command injection vulnerabilities exist in the ArubaOS command line interface.... High Unreviewed
CVE-2023-35973 was published Jul 5, 2023
Authenticated command injection vulnerabilities exist in the ArubaOS command line interface.... High Unreviewed
CVE-2023-35974 was published Jul 5, 2023
An authenticated remote command injection vulnerability exists in the ArubaOS web-based... High Unreviewed
CVE-2023-35972 was published Jul 5, 2023
A post-authentication remote command injection vulnerability in a CGI file in Western Digital My... High Unreviewed
CVE-2023-22816 was published Jul 1, 2023
jcvi vulnerable to Configuration Injection due to unsanitized user input High
CVE-2023-35932 was published for jcvi (pip) Jun 23, 2023
Sim4n6
RaspAP raspap-webgui Command Injection vulnerability High
CVE-2023-30260 was published for billz/raspap-webgui (Composer) Jun 23, 2023
In Zimbra Collaboration Suite through 9.0 and 8.8.15, an attacker (who has initial user access to... High Unreviewed
CVE-2023-24032 was published Jun 15, 2023
A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05), CP-8050... High Unreviewed
CVE-2023-33919 was published Jun 13, 2023
Previous versions of HP Device Manager (prior to HPDM 5.0.10) could potentially allow command... High Unreviewed
CVE-2023-26298 was published Jun 13, 2023
Previous versions of HP Device Manager (prior to HPDM 5.0.10) could potentially allow command... High Unreviewed
CVE-2023-26297 was published Jun 13, 2023
Previous versions of HP Device Manager (prior to HPDM 5.0.10) could potentially allow command... High Unreviewed
CVE-2023-26296 was published Jun 13, 2023
ProTip! Advisories are also available from the GraphQL API