Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,645
Maven
5,000+
npm
4,271
NuGet
760
pip
4,065
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,002 advisories

Loading
The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.4,... High Unreviewed
CVE-2024-23247 was published Mar 8, 2024
PaddlePaddle command injection vulnerability High
CVE-2024-0817 was published for paddlepaddle (pip) Mar 7, 2024
Authenticated command injection vulnerabilities exist in the ArubaOS command line interface.... High Unreviewed
CVE-2024-25611 was published Mar 5, 2024
Authenticated command injection vulnerabilities exist in the ArubaOS command line interface.... High Unreviewed
CVE-2024-25613 was published Mar 5, 2024
Authenticated command injection vulnerabilities exist in the ArubaOS command line interface.... High Unreviewed
CVE-2024-1356 was published Mar 5, 2024
Authenticated command injection vulnerabilities exist in the ArubaOS command line interface.... High Unreviewed
CVE-2024-25612 was published Mar 5, 2024
An issue in TRENDnet TEW-822DRE v.1.03B02 allows a local attacker to execute arbitrary code via... Moderate Unreviewed
CVE-2023-51835 was published Feb 29, 2024
Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote... High Unreviewed
CVE-2024-26296 was published Feb 28, 2024
Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote... High Unreviewed
CVE-2024-26297 was published Feb 28, 2024
Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote... High Unreviewed
CVE-2024-26298 was published Feb 28, 2024
Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote... High Unreviewed
CVE-2024-26294 was published Feb 28, 2024
Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote... High Unreviewed
CVE-2024-26295 was published Feb 28, 2024
An issue was discovered in Linksys Router E1700 version 1.0.04 (build 3), allows authenticated... High Unreviewed
CVE-2024-22544 was published Feb 27, 2024
Splinefont in FontForge through 20230101 allows command injection via crafted archives or... Moderate Unreviewed
CVE-2024-25082 was published Feb 26, 2024
Splinefont in FontForge through 20230101 allows command injection via crafted filenames. Moderate Unreviewed
CVE-2024-25081 was published Feb 26, 2024
In Indo-Sol PROFINET-INspektor NT through 2.4.0, a command injection vulnerability in the... Critical Unreviewed
CVE-2023-49959 was published Feb 26, 2024
A vulnerability was found in Totolink X6000R AX3000 9.4.0cu.852_20230719. It has been rated as... Moderate Unreviewed
CVE-2024-1781 was published Feb 23, 2024
Netis WF2780 v2.1.40144 was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2024-25850 was published Feb 22, 2024
Command Injection vulnerability in D-Link Dir 816 with firmware version DIR-816_A2_v1.10CNB04... Critical Unreviewed
CVE-2023-24331 was published Feb 21, 2024
Command Injection vulnerability in D-Link Dir 882 with firmware version DIR882A1_FW130B06 allows... High Unreviewed
CVE-2023-24330 was published Feb 21, 2024
pymatgen vulnerable to arbitrary code execution when parsing a maliciously crafted JonesFaithfulTransformation transformation_string Critical
CVE-2024-23346 was published for pymatgen (pip) Feb 21, 2024
SteakEnthusiast mkhorton
Credited to SteakEnthusiast and mkhorton
An issue in idocv v.14.1.3_20231228 allows a remote attacker to execute arbitrary code and obtain... High Unreviewed
CVE-2024-24377 was published Feb 16, 2024
Command Injection vulnerability discovered in 4ipnet EAP-767 device v3.42.00 within the web... High Unreviewed
CVE-2024-24301 was published Feb 15, 2024
When running in appliance mode, an authenticated remote command injection vulnerability exists in... High Unreviewed
CVE-2024-22093 was published Feb 14, 2024
A command injection vulnerability was identified in GitHub Enterprise Server that allowed an... Critical Unreviewed
CVE-2024-1378 was published Feb 13, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database