Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,902
Maven
5,000+
npm
3,631
NuGet
638
pip
3,246
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

2,204 advisories

Loading
A vulnerability, which was classified as critical, has been found in D-Link DI-8100 16.07. This... Moderate Unreviewed
CVE-2024-7436 was published Aug 3, 2024
Commands can be injected over the network and executed without authentication. High Unreviewed
CVE-2024-7029 was published Aug 2, 2024
A command injection vulnerability could allow an authenticated user to execute operating system... High Unreviewed
CVE-2022-4002 was published Jul 31, 2024
A vulnerability was found in TOTOLINK LR1200 9.3.1cu.2832 and classified as critical. Affected by... Moderate Unreviewed
CVE-2024-7215 was published Jul 30, 2024
A vulnerability has been found in TOTOLINK LR350 9.3.5u.6369_B20220309 and classified as critical... Moderate Unreviewed
CVE-2024-7214 was published Jul 30, 2024
RaspAP allows an attacker to escalate privileges Critical
CVE-2024-41637 was published for billz/raspap-webgui (Composer) Jul 29, 2024
A vulnerability classified as critical was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. This... Moderate Unreviewed
CVE-2024-7181 was published Jul 29, 2024
A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. It has been classified as... High Unreviewed
CVE-2024-7177 was published Jul 29, 2024
A vulnerability, which was classified as critical, was found in TOTOLINK A3600R 4.1.2cu... High Unreviewed
CVE-2024-7174 was published Jul 29, 2024
A vulnerability was found in TOTOLINK A3100R 4.1.2cu.5050_B20200504. It has been declared as... Moderate Unreviewed
CVE-2024-7158 was published Jul 28, 2024
A vulnerability classified as critical has been found in TOTOLINK A3700R 9.1.2u.5822_B20200513.... Moderate Unreviewed
CVE-2024-7160 was published Jul 28, 2024
Starship vulnerable to shell injection via undocumented, unpredictable shell expansion in custom commands High
CVE-2024-41815 was published for starship (Rust) Jul 26, 2024
evanbattaglia
An authenticated command injection vulnerability exists in the HPE Aruba Networking EdgeConnect... Moderate Unreviewed
CVE-2024-41136 was published Jul 24, 2024
A vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN gateway's Command Line... High Unreviewed
CVE-2024-41135 was published Jul 24, 2024
A vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN gateway's Command Line... High Unreviewed
CVE-2024-41133 was published Jul 24, 2024
A vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN gateway's Command Line... High Unreviewed
CVE-2024-41134 was published Jul 24, 2024
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability... Critical Unreviewed
CVE-2024-41319 was published Jul 23, 2024
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability... High Unreviewed
CVE-2024-41320 was published Jul 22, 2024
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability... Critical Unreviewed
CVE-2024-41318 was published Jul 22, 2024
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability... Critical Unreviewed
CVE-2024-41316 was published Jul 22, 2024
AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX9 V22.03.01.46 and AX3000 Dual-Band Gigabit Wi-Fi 6... High Unreviewed
CVE-2024-39963 was published Jul 19, 2024
In streampark, the project module integrates Maven's compilation capabilities. The input... Moderate Unreviewed
CVE-2024-29737 was published Jul 17, 2024
In streampark, the project module integrates Maven's compilation capabilities. The input... Moderate Unreviewed
CVE-2023-52291 was published Jul 17, 2024
This vulnerability allows an unauthenticated attacker to achieve remote command execution on the... Critical Unreviewed
CVE-2024-38492 was published Jul 15, 2024
StoneFly Storage Concentrator (SC and SCVM) before 8.0.4.26 allows remote authenticated users to... High Unreviewed
CVE-2024-30213 was published Jul 13, 2024
ProTip! Advisories are also available from the GraphQL API