Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
3,678
Erlang
29
GitHub Actions
16
Go
1,707
Maven
4,940
npm
3,471
NuGet
603
pip
2,993
Pub
10
RubyGems
826
Rust
773
Swift
34
Unreviewed advisories
All unreviewed
5,000+

211 advisories

A vulnerability was found in Arris VAP2500 08.50. It has been rated as critical. Affected by this... Moderate Unreviewed
CVE-2024-5195 was published May 22, 2024
A vulnerability was found in Arris VAP2500 08.50. It has been declared as critical. Affected by... Moderate Unreviewed
CVE-2024-5194 was published May 22, 2024
A vulnerability classified as critical has been found in Arris VAP2500 08.50. This affects an... Moderate Unreviewed
CVE-2024-5196 was published May 22, 2024
1Panel arbitrary file write vulnerability Moderate
CVE-2024-34352 was published for github.com/1Panel-dev/1Panel (Go) May 9, 2024
an5er
dcnnt-py is vulnerable to command injection via Notification Handler Moderate
CVE-2023-1000 was published for dcnnt (pip) Apr 27, 2024
Command Injection in pip when used with Mercurial Moderate
CVE-2023-5752 was published for pip (pip) Oct 25, 2023
mwpeterson
gix-transport indirect code execution via malicious username Moderate
CVE-2024-32884 was published for gitoxide (Rust) Apr 15, 2024
EliahKagan
A vulnerability was found in Beijing Baichuo Smart S85F Management Platform up to 20230807. It... Moderate Unreviewed
CVE-2023-4414 was published Aug 18, 2023
A privilege escalation vulnerability exists in the /bin/login functionality of Peplink Smart... Moderate Unreviewed
CVE-2023-40146 was published Apr 17, 2024
A vulnerability classified as critical has been found in Tenda AC500 2.0.1.9(1307). Affected is... Moderate Unreviewed
CVE-2024-3908 was published Apr 17, 2024
Post-authentication remote command injection vulnerabilities in Western Digital My Cloud OS 5... Moderate Unreviewed
CVE-2023-22815 was published Jul 1, 2023
A vulnerability was found in Beijing Baichuo Smart S85F Management Platform up to 20230722 and... Moderate Unreviewed
CVE-2023-4120 was published Aug 3, 2023
?A command injection vulnerability exists in Trane XL824, XL850, XL1050, and Pivot thermostats... Moderate Unreviewed
CVE-2023-4212 was published Aug 22, 2023
Harman Infotainment 20190525031613 and later allows command injection via unauthenticated RPC... Moderate Unreviewed
CVE-2023-40293 was published Aug 14, 2023
Insufficient validation of untrusted input in Chromad in Google Chrome on ChromeOS prior to 115.0... Moderate Unreviewed
CVE-2023-3739 was published Aug 2, 2023
An attacker having physical access to WDM can plug USB device to gain access and execute unwanted... Moderate Unreviewed
CVE-2022-46361 was published Jul 6, 2023
An issue was discovered in Citadel through webcit-926. Meddler-in-the-middle attackers can... Moderate Unreviewed
CVE-2020-29547 was published May 29, 2023
An issue was discovered on GL.iNet devices before 3.216. There is an arbitrary file write in... Moderate Unreviewed
CVE-2023-31473 was published May 11, 2023
An issue was discovered in GitLab Community and Enterprise Edition before 11.11.8, 12 before 12.0... Moderate Unreviewed
CVE-2019-14944 was published Apr 16, 2023
Amanda 3.5.1 allows privilege escalation from the regular user backup to root. The SUID binary... Moderate Unreviewed
CVE-2022-37704 was published Apr 16, 2023
cPanel before 64.0.21 allows demo accounts to execute Cpanel::SPFUI API commands (SEC-246). Moderate Unreviewed
CVE-2017-18442 was published May 24, 2022
cPanel before 11.54.0.4 allows certain file-chmod operations in scripts/secureit (SEC-82). Moderate Unreviewed
CVE-2016-10849 was published May 24, 2022
Xiaomi Stock Browser 10.2.4.g on Xiaomi Redmi Note 5 Pro devices and other Redmi Android phones... Moderate Unreviewed
CVE-2018-20523 was published May 24, 2022
A vulnerability has been found in Tenda FH1205 2.0.0.7(775) and classified as critical. Affected... Moderate Unreviewed
CVE-2024-3009 was published Mar 28, 2024
A vulnerability has been found in Tenda FH1203 2.0.1.6 and classified as critical. This... Moderate Unreviewed
CVE-2024-2991 was published Mar 27, 2024
ProTip! Advisories are also available from the GraphQL API