GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,247
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
876 advisories
Filter by severity
This Advisory describes an issue that impacts Arista Wireless Access Points. Any entity with the...
High
Unreviewed
CVE-2024-4578
was published
Jun 27, 2024
OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable...
High
Unreviewed
CVE-2024-4639
was published
Jun 25, 2024
OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable...
High
Unreviewed
CVE-2024-4638
was published
Jun 25, 2024
The CRUDDIY project is vulnerable to shell command injection via sending a crafted POST request...
High
Unreviewed
CVE-2024-4748
was published
Jun 24, 2024
On Mitel 6869i 4.5.0.41 devices, the Manual Firmware Update (upgrade.html) page does not perform...
High
Unreviewed
CVE-2024-37570
was published
Jun 9, 2024
An issue was discovered on Mitel 6869i through 4.5.0.41 and 5.x through 5.0.0.1018 devices. A...
High
Unreviewed
CVE-2024-37569
was published
Jun 9, 2024
A command injection vulnerability exists in the gradio-app/gradio repository, specifically within...
High
Unreviewed
CVE-2024-4253
was published
Jun 4, 2024
A remote code execution (RCE) vulnerability exists in the parisneo/lollms-webui, specifically...
High
Unreviewed
CVE-2024-4267
was published
May 22, 2024
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability...
High
Unreviewed
CVE-2024-1417
was published
May 16, 2024
A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could...
High
Unreviewed
CVE-2024-20326
was published
May 16, 2024
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain a command injection...
High
Unreviewed
CVE-2024-32355
was published
May 14, 2024
A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V5...
High
Unreviewed
CVE-2024-31485
was published
May 14, 2024
A Blind command injection vulnerability in Tenda O3V2 V1.0.0.12 and earlier allows remote...
High
Unreviewed
CVE-2024-34338
was published
May 14, 2024
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability via the...
High
Unreviewed
CVE-2024-33788
was published
May 6, 2024
D-Link DIR-822+ V1.0.5 was found to contain a command injection in SetPlcNetworkpwd function of...
High
Unreviewed
CVE-2024-33342
was published
Apr 26, 2024
A Heap Overflow vulnerability in WLInfoRailService component of Ivanti Avalanche before 6.4.3...
High
Unreviewed
CVE-2024-22061
was published
Apr 19, 2024
Tenda W30E v1.0 V1.0.1.25(633) firmware contains a command injection vulnerablility in the...
High
Unreviewed
CVE-2024-32292
was published
Apr 17, 2024
Tenda FH1203 V2.0.1.6 firmware has a command injection vulnerablility in formexeCommand function...
High
Unreviewed
CVE-2024-32283
was published
Apr 17, 2024
Tenda AC7V1.0 v15.03.06.44 firmware contains a command injection vulnerablility in formexeCommand...
High
Unreviewed
CVE-2024-32281
was published
Apr 17, 2024
The Delta Electronics DVW-W02W2-E2 devices expose a web administration interface to users. This...
High
Unreviewed
CVE-2024-3871
was published
Apr 16, 2024
Insecure default configurations in Hikvision Interactive Tablet DS-D5B86RB/B V2.3.0 build220119,...
High
Unreviewed
CVE-2023-33806
was published
Apr 16, 2024
An issue discovered in Telesquare TLR-2005Ksh 1.0.0 and 1.1.4 allows attackers to run arbitrary...
High
Unreviewed
CVE-2024-29269
was published
Apr 10, 2024
Microsoft Defender for IoT Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-21322
was published
Apr 9, 2024
TOTOLINK EX200 V4.0.3c.7646_B20201211 was discovered to contain a remote code execution (RCE)...
High
Unreviewed
CVE-2024-31811
was published
Apr 8, 2024
A command injection vulnerability exists in /goform/exeCommand in Tenda AC18 v15.03.05.05, which...
High
Unreviewed
CVE-2024-30891
was published
Apr 5, 2024
ProTip!
Advisories are also available from the
GraphQL API