Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,248
Erlang
31
GitHub Actions
21
Go
2,016
Maven
5,000+
npm
3,721
NuGet
662
pip
3,400
Pub
11
RubyGems
890
Rust
852
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,814 advisories

Loading
Authenticated remote code execution (RCE) vulnerabilities affect TP-Link Archer, Deco, and Tapo... High Unreviewed
CVE-2024-53375 was published Dec 3, 2024
An issue was discovered in Victure RX1800 WiFi 6 Router (software EN_V1.0.0_r12_110933, hardware... High Unreviewed
CVE-2024-53939 was published Dec 3, 2024
An issue was discovered in Victure RX1800 WiFi 6 Router (software EN_V1.0.0_r12_110933, hardware... High Unreviewed
CVE-2024-53940 was published Dec 3, 2024
An arbitrary file download vulnerability in the component /Doc/DownloadFile of NUS-M9 ERP... High Unreviewed
CVE-2024-44759 was published Nov 15, 2024
A reachable assertion in the ogs_nas_emm_decode function of Open5GS v2.7.0 allows attackers to... High Unreviewed
CVE-2024-24431 was published Nov 15, 2024
Qualys discovered that needrestart, before version 3.8, passes unsanitized data to a library ... High Unreviewed
CVE-2024-11003 was published Nov 19, 2024
A post-authentication command injection vulnerability in the "host" parameter of the diagnostic... High Unreviewed
CVE-2024-9200 was published Dec 3, 2024
EnGenius EWS356-FIR 1.1.30 and earlier devices allow a remote attacker to execute arbitrary OS... High Unreviewed
CVE-2024-31976 was published Nov 27, 2024
Certain models of routers from Billion Electric has an OS Command Injection vulnerability,... High Unreviewed
CVE-2024-11983 was published Nov 29, 2024
An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518... High Unreviewed
CVE-2024-8190 was published Sep 10, 2024
virtualenv before 20.26.6 allows command injection through the activation scripts for a virtual... High Unreviewed
CVE-2024-53899 was published Nov 24, 2024
The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for... High Unreviewed
CVE-2024-9461 was published Nov 26, 2024
A CWE-79 "Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"... High Unreviewed
CVE-2024-50376 was published Nov 26, 2024
A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command... High Unreviewed
CVE-2024-50364 was published Nov 26, 2024
A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command... High Unreviewed
CVE-2024-50368 was published Nov 26, 2024
A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command... High Unreviewed
CVE-2024-50366 was published Nov 26, 2024
A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command... High Unreviewed
CVE-2024-50362 was published Nov 26, 2024
A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command... High Unreviewed
CVE-2024-50360 was published Nov 26, 2024
A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command... High Unreviewed
CVE-2024-50361 was published Nov 26, 2024
A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command... High Unreviewed
CVE-2024-50369 was published Nov 26, 2024
A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command... High Unreviewed
CVE-2024-50359 was published Nov 26, 2024
A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command... High Unreviewed
CVE-2024-50363 was published Nov 26, 2024
A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command... High Unreviewed
CVE-2024-50365 was published Nov 26, 2024
A CWE-78 "Improper Neutralization of Special Elements used in an OS Command ('OS Command... High Unreviewed
CVE-2024-50367 was published Nov 26, 2024
Command injection when ingesting a remote Kaggle dataset due to a lack of input sanitization in... High Unreviewed
CVE-2024-6507 was published Jul 4, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database