GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
3,869
Erlang
29
GitHub Actions
16
Go
1,717
Maven
4,951
npm
3,480
NuGet
605
pip
3,026
Pub
10
RubyGems
832
Rust
776
Swift
34
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,542 advisories
Filter by severity
The system configuration interface of HGiga iSherlock (including MailSherlock, SpamSherock,...
High
Unreviewed
CVE-2024-4299
was published
Apr 29, 2024
The email search interface of HGiga iSherlock (including MailSherlock, SpamSherock, AuditSherlock...
High
Unreviewed
CVE-2024-4298
was published
Apr 29, 2024
A vulnerability, which was classified as critical, has been found in Ruijie RG-UAC up to 20240419...
Moderate
Unreviewed
CVE-2024-4255
was published
Apr 27, 2024
An OS command injection vulnerability has been reported to affect several QNAP operating system...
High
Unreviewed
CVE-2024-27124
was published
Apr 26, 2024
Eclipse Target Management: Terminal and Remote System Explorer (RSE) version <= 4.5.400 has a...
Critical
Unreviewed
CVE-2024-0740
was published
Apr 26, 2024
A vulnerability in the Cisco Adaptive Security Appliance (ASA) restore functionality that is...
Moderate
Unreviewed
CVE-2024-20358
was published
Apr 24, 2024
A vulnerability in the web-based management interface of Cisco Integrated Management Controller ...
High
Unreviewed
CVE-2024-20356
was published
Apr 24, 2024
A vulnerability in the CLI of the Cisco Integrated Management Controller (IMC) could allow an...
High
Unreviewed
CVE-2024-20295
was published
Apr 24, 2024
An OS command injection vulnerability exists in the web interface mac2name functionality of...
Critical
Unreviewed
CVE-2023-39367
was published
Apr 17, 2024
A vulnerability has been found in Tenda W30E 1.0.1.25(633) and classified as critical. This...
Moderate
Unreviewed
CVE-2024-3880
was published
Apr 16, 2024
A command injection vulnerability was identified in SMM/SMM2 and FPC that could allow an...
High
Unreviewed
CVE-2023-4855
was published
Apr 15, 2024
A format string vulnerability was identified in SMM/SMM2 and FPC that could allow an...
High
Unreviewed
CVE-2023-4856
was published
Apr 15, 2024
A command injection vulnerability was identified in SMM/SMM2 and FPC that could allow an...
High
Unreviewed
CVE-2024-2659
was published
Apr 15, 2024
Command injection vulnerability in the operating system. Improper neutralisation of special...
Critical
Unreviewed
CVE-2024-3781
was published
Apr 15, 2024
Certain ASUS WiFi routers models has an OS Command Injection vulnerability, allowing an...
High
Unreviewed
CVE-2024-1655
was published
Apr 15, 2024
A vulnerability classified as critical was found in cym1102 nginxWebUI up to 3.9.9. This...
Moderate
Unreviewed
CVE-2024-3739
was published
Apr 13, 2024
A vulnerability was found in TBK DVR-4104 and DVR-4216 up to 20240412 and classified as critical....
Moderate
Unreviewed
CVE-2024-3721
was published
Apr 13, 2024
Operating system command injection vulnerability in Planet IGS-4215-16T2S, affecting firmware...
Moderate
Unreviewed
CVE-2024-2742
was published
Apr 11, 2024
An OS Command Injection vulnerability exists in the '/open_code_folder' endpoint of the parisneo...
Critical
Unreviewed
CVE-2024-1520
was published
Apr 10, 2024
A vulnerability was found in csmock where a regular user of the OSH service (anyone with a valid...
High
Unreviewed
CVE-2024-2243
was published
Apr 10, 2024
A improper neutralization of special elements used in an os command ('os command injection') in...
High
Unreviewed
CVE-2024-21756
was published
Apr 9, 2024
A improper neutralization of special elements used in an os command ('os command injection') in...
High
Unreviewed
CVE-2024-21755
was published
Apr 9, 2024
An improper neutralization of special elements used in an os command ('os command injection') in...
Moderate
Unreviewed
CVE-2023-47540
was published
Apr 9, 2024
A command injection vulnerability exists in the processAnalyticsReport method from the com.webos...
Critical
Unreviewed
CVE-2023-6318
was published
Apr 9, 2024
A command injection vulnerability exists in the com.webos.service.connectionmanager/tv...
Critical
Unreviewed
CVE-2023-6320
was published
Apr 9, 2024
ProTip!
Advisories are also available from the
GraphQL API