GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
916 advisories
Filter by severity
An attacker with local access the to medical office computer can
escalate his Windows user...
High
Unreviewed
CVE-2024-50591
was published
Nov 8, 2024
An authenticated command injection vulnerability exists in the Instant AOS-8 and AOS-10 command...
High
Unreviewed
CVE-2024-47461
was published
Nov 6, 2024
A potential vulnerability was discovered in certain Poly video conferencing devices. The firmware...
High
Unreviewed
CVE-2024-9579
was published
Nov 5, 2024
Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were...
High
Unreviewed
CVE-2024-52022
was published
Nov 5, 2024
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and...
High
Unreviewed
CVE-2024-51254
was published
Oct 31, 2024
KERUI HD 3MP 1080P Tuya Camera 1.0.4 has a command injection vulnerability in the module that...
High
Unreviewed
CVE-2024-48214
was published
Oct 30, 2024
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and...
High
Unreviewed
CVE-2024-51258
was published
Oct 30, 2024
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and...
High
Unreviewed
CVE-2024-51299
was published
Oct 30, 2024
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and...
High
Unreviewed
CVE-2024-51296
was published
Oct 30, 2024
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and...
High
Unreviewed
CVE-2024-51300
was published
Oct 30, 2024
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and...
High
Unreviewed
CVE-2024-51257
was published
Oct 30, 2024
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and...
High
Unreviewed
CVE-2024-51301
was published
Oct 30, 2024
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and...
High
Unreviewed
CVE-2024-51304
was published
Oct 30, 2024
Command injection vulnerability in the Edge Computing UI for the
TRO600 series radios that allows...
High
Unreviewed
CVE-2024-41153
was published
Oct 29, 2024
A vulnerability classified as critical has been found in WAVLINK WN530H4, WN530HG4 and WN572HG3...
High
Unreviewed
CVE-2024-10429
was published
Oct 27, 2024
A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028. It has been...
High
Unreviewed
CVE-2024-10428
was published
Oct 27, 2024
A prompt injection vulnerability in the chatbox of Butterfly Effect Limited Monica Your AI...
High
Unreviewed
CVE-2024-48140
was published
Oct 24, 2024
A prompt injection vulnerability in the chatbox of Zhipu AI CodeGeeX v2.17.0 allows attackers to...
High
Unreviewed
CVE-2024-48141
was published
Oct 24, 2024
A prompt injection vulnerability in the chatbox of Butterfly Effect Limited Monica ChatGPT AI...
High
Unreviewed
CVE-2024-48142
was published
Oct 24, 2024
A prompt injection vulnerability in the chatbox of Blackbox AI v1.3.95 allows attackers to access...
High
Unreviewed
CVE-2024-48139
was published
Oct 24, 2024
Shenzhen Tuoshi Network Communications Co.,Ltd 5G CPE Router NR500-EA RG500UEAABxCOMSLICv3.2.2543...
High
Unreviewed
CVE-2024-48440
was published
Oct 24, 2024
Wuhan Tianyu Information Industry Co., Ltd Tianyu CPE Router CommonCPExCPETS_v3.2.468.11.04_P4...
High
Unreviewed
CVE-2024-48441
was published
Oct 24, 2024
Netgear EX6120 v1.0.0.68 is vulnerable to Command Injection in genie_fix2.cgi via the...
High
Unreviewed
CVE-2024-35518
was published
Oct 15, 2024
Netgear EX6120 v1.0.0.68, Netgear EX6100 v1.0.2.28, and Netgear EX3700 v1.0.0.96 are vulnerable...
High
Unreviewed
CVE-2024-35519
was published
Oct 15, 2024
Netgear R7000 1.0.11.136 is vulnerable to Command Injection in RMT_invite.cgi via device_name2...
High
Unreviewed
CVE-2024-35520
was published
Oct 15, 2024
ProTip!
Advisories are also available from the
GraphQL API