Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,071 advisories

Loading
Honeywell OneWireless Wireless Device Manager (WDM) for the following versions R310.x, R320.x,... Critical Unreviewed
CVE-2023-5878 was published Feb 6, 2025
eladmin <=2.7 is vulnerable to CSV Injection in the exception log download module. Critical Unreviewed
CVE-2025-22978 was published Feb 3, 2025
EasyVirt DCScope 8.6.0 and earlier and co2Scope 1.3.0 and earlier are vulnerable to Command... Critical Unreviewed
CVE-2024-55062 was published Feb 1, 2025
The specific component in Celk Saude 3.1.252.1 that processes user input and returns error... Critical Unreviewed
CVE-2024-48761 was published Jan 30, 2025
A vulnerability was found in MicroWorld eScan Antivirus 7.0.32 on Linux. It has been rated as... Critical Unreviewed
CVE-2025-0798 was published Jan 29, 2025
Network access can be used to execute arbitrary code with elevated privileges. This issue... Critical Unreviewed
CVE-2024-48841 was published Jan 27, 2025
TRENDnet TEW-632BRP v1.010B31 devices have an OS command injection vulnerability in the CGl... Critical Unreviewed
CVE-2024-57590 was published Jan 27, 2025
The script input feature of SpagoBI 3.5.1 allows arbitrary code execution. Critical Unreviewed
CVE-2024-54794 was published Jan 21, 2025
IBM Sterling Secure Proxy 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, 6.1.0.0, and 6.2.0.0 could allow a... Critical Unreviewed
CVE-2024-41783 was published Jan 19, 2025
Tenda AC18 V15.03.05.19 was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2024-57583 was published Jan 16, 2025
RE11S v1.11 was discovered to contain a command injection vulnerability via the component /goform... Critical Unreviewed
CVE-2025-22912 was published Jan 16, 2025
Multiple OS command injection vulnerabilities exist in the adm.cgi sch_reboot() functionality of... Critical Unreviewed
CVE-2024-39781 was published Jan 14, 2025
Multiple OS command injection vulnerabilities exist in the adm.cgi sch_reboot() functionality of... Critical Unreviewed
CVE-2024-39782 was published Jan 14, 2025
Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing()... Critical Unreviewed
CVE-2024-39765 was published Jan 14, 2025
Multiple OS command injection vulnerabilities exist in the login.cgi set_sys_init() functionality... Critical Unreviewed
CVE-2024-39761 was published Jan 14, 2025
Multiple OS command injection vulnerabilities exist in the login.cgi set_sys_init() functionality... Critical Unreviewed
CVE-2024-39760 was published Jan 14, 2025
Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing()... Critical Unreviewed
CVE-2024-39763 was published Jan 14, 2025
Multiple OS command injection vulnerabilities exist in the adm.cgi sch_reboot() functionality of... Critical Unreviewed
CVE-2024-39783 was published Jan 14, 2025
Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing()... Critical Unreviewed
CVE-2024-39764 was published Jan 14, 2025
Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing()... Critical Unreviewed
CVE-2024-39762 was published Jan 14, 2025
An os command injection vulnerability exists in the firewall.cgi iptablesWebsFilterRun()... Critical Unreviewed
CVE-2024-39367 was published Jan 14, 2025
An os command injection vulnerability exists in the nas.cgi remove_dir() functionality of Wavlink... Critical Unreviewed
CVE-2024-39360 was published Jan 14, 2025
An os command injection vulnerability exists in the adm.cgi set_ledonoff() functionality of... Critical Unreviewed
CVE-2024-37186 was published Jan 14, 2025
An os command injection vulnerability exists in the touchlist_sync.cgi touchlistsync()... Critical Unreviewed
CVE-2024-34166 was published Jan 14, 2025
Multiple OS command injection vulnerabilities exist in the login.cgi set_sys_init() functionality... Critical Unreviewed
CVE-2024-39759 was published Jan 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database