Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,645
Maven
5,000+
npm
4,271
NuGet
760
pip
4,065
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,002 advisories

Loading
A command injection vulnerability was identified in GitHub Enterprise Server that allowed an... Critical Unreviewed
CVE-2024-1374 was published Feb 13, 2024
A command injection vulnerability was identified in GitHub Enterprise Server that allowed an... Critical Unreviewed
CVE-2024-1355 was published Feb 13, 2024
A command injection vulnerability was identified in GitHub Enterprise Server that allowed an... High Unreviewed
CVE-2024-1354 was published Feb 13, 2024
A command injection vulnerability was identified in GitHub Enterprise Server that allowed an... Critical Unreviewed
CVE-2024-1372 was published Feb 13, 2024
A command injection vulnerability was identified in GitHub Enterprise Server that allowed an... Critical Unreviewed
CVE-2024-1369 was published Feb 13, 2024
A command injection vulnerability was identified in GitHub Enterprise Server that allowed an... Critical Unreviewed
CVE-2024-1359 was published Feb 13, 2024
TYPO3 Install Tool vulnerable to Code Execution High
CVE-2024-22188 was published for typo3/cms-core (Composer) Feb 13, 2024
bnf
Credited to bnf
Azure DevOps Server Remote Code Execution Vulnerability High Unreviewed
CVE-2024-20667 was published Feb 13, 2024
An OS command injection vulnerability has been reported to affect several QNAP operating system... Moderate Unreviewed
CVE-2023-47218 was published Feb 13, 2024
KiTTY versions 0.76.1.13 and before is vulnerable to command injection via the filename variable,... High Unreviewed
CVE-2024-23749 was published Feb 9, 2024
In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an unauthenticated user with... Critical Unreviewed
CVE-2023-46687 was published Feb 9, 2024
In Emerson Rosemount GC370XA, GC700XA, and GC1500XA products, an authenticated user with network... Moderate Unreviewed
CVE-2023-49716 was published Feb 9, 2024
An issue was discovered in Atos Unify OpenScape Voice Trace Manager V8 before V8 R0.9.11. It... High Unreviewed
CVE-2023-40263 was published Feb 9, 2024
An issue in Dlink DIR-816A2 v.1.10CNB05 allows a remote attacker to execute arbitrary code via... Critical Unreviewed
CVE-2024-24321 was published Feb 8, 2024
Zentao v18.0 to v18.10 was discovered to contain a remote code execution (RCE) vulnerability via... Critical Unreviewed
CVE-2024-24216 was published Feb 8, 2024
An issue in symphony v.3.6.3 and before allows a remote attacker to execute arbitrary code via... Critical Unreviewed
CVE-2024-23049 was published Feb 6, 2024
An issue was discovered in GTB Central Console 15.17.1-30814.NG. The method... High Unreviewed
CVE-2024-22107 was published Feb 2, 2024
An OS command injection vulnerability has been reported to affect Photo Station. If exploited,... High Unreviewed
CVE-2023-47562 was published Feb 2, 2024
An OS command injection vulnerability has been reported to affect several QNAP operating system... Moderate Unreviewed
CVE-2023-41281 was published Feb 2, 2024
An OS command injection vulnerability has been reported to affect several QNAP operating system... Moderate Unreviewed
CVE-2023-41282 was published Feb 2, 2024
An OS command injection vulnerability has been reported to affect several QNAP operating system... Moderate Unreviewed
CVE-2023-41283 was published Feb 2, 2024
An OS command injection vulnerability has been reported to affect several QNAP operating system... Critical Unreviewed
CVE-2023-45025 was published Feb 2, 2024
Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution ... High Unreviewed
CVE-2024-22903 was published Feb 2, 2024
Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution ... High Unreviewed
CVE-2024-22900 was published Feb 2, 2024
In Helix Sync versions prior to 2024.1, a local command injection was identified. Reported by... Low Unreviewed
CVE-2024-0325 was published Feb 2, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database