GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,638
Composer 5,007
Erlang 39
GitHub Actions 38
Go 2,645
Maven 6,108
npm 4,271
NuGet 760
pip 4,065
Pub 12
RubyGems 957
Rust 1,057
Swift 45

Unreviewed advisories

All unreviewed 277,136

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,624 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The script input feature of SpagoBI 3.5.1 allows arbitrary code execution. Critical Unreviewed

CVE-2024-54794 was published Jan 21, 2025

TOTOLINK A810R V4.1.2cu.5032_B20200407 was found to contain a command insertion vulnerability in... High Unreviewed

CVE-2024-57036 was published Jan 21, 2025

IBM Sterling Secure Proxy 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, 6.1.0.0, and 6.2.0.0 could allow a... Critical Unreviewed

CVE-2024-41783 was published Jan 19, 2025

Multiple bash files were present in the application's private directory. Bash files can be used... Low Unreviewed

CVE-2024-54681 was published Jan 17, 2025

A JNDI injection issue was discovered in Cloudera JDBC Connector for Hive before 2.6.26 and JDBC... High Unreviewed

CVE-2024-54660 was published Jan 17, 2025

Tenda AC18 V15.03.05.19 was discovered to contain a command injection vulnerability via the... Critical Unreviewed

CVE-2024-57583 was published Jan 16, 2025

RE11S v1.11 was discovered to contain a command injection vulnerability via the component /goform... Critical Unreviewed

CVE-2025-22912 was published Jan 16, 2025

Authenticated command injection vulnerability in the command line interface of a network... High Unreviewed

CVE-2025-23052 was published Jan 14, 2025

Multiple OS command injection vulnerabilities exist in the login.cgi set_sys_init() functionality... Critical Unreviewed

CVE-2024-39760 was published Jan 14, 2025

Multiple OS command injection vulnerabilities exist in the login.cgi set_sys_init() functionality... Critical Unreviewed

CVE-2024-39761 was published Jan 14, 2025

Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing()... Critical Unreviewed

CVE-2024-39762 was published Jan 14, 2025

Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing()... Critical Unreviewed

CVE-2024-39763 was published Jan 14, 2025

Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing()... Critical Unreviewed

CVE-2024-39765 was published Jan 14, 2025

Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing()... Critical Unreviewed

CVE-2024-39764 was published Jan 14, 2025

Multiple OS command injection vulnerabilities exist in the adm.cgi sch_reboot() functionality of... Critical Unreviewed

CVE-2024-39781 was published Jan 14, 2025

Multiple OS command injection vulnerabilities exist in the adm.cgi sch_reboot() functionality of... Critical Unreviewed

CVE-2024-39782 was published Jan 14, 2025

Multiple OS command injection vulnerabilities exist in the adm.cgi sch_reboot() functionality of... Critical Unreviewed

CVE-2024-39783 was published Jan 14, 2025

An os command injection vulnerability exists in the adm.cgi set_ledonoff() functionality of... Critical Unreviewed

CVE-2024-37186 was published Jan 14, 2025

Multiple OS command injection vulnerabilities exist in the login.cgi set_sys_init() functionality... Critical Unreviewed

CVE-2024-39759 was published Jan 14, 2025

An os command injection vulnerability exists in the touchlist_sync.cgi touchlistsync()... Critical Unreviewed

CVE-2024-34166 was published Jan 14, 2025

An os command injection vulnerability exists in the firewall.cgi iptablesWebsFilterRun()... Critical Unreviewed

CVE-2024-39367 was published Jan 14, 2025

An os command injection vulnerability exists in the nas.cgi remove_dir() functionality of Wavlink... Critical Unreviewed

CVE-2024-39360 was published Jan 14, 2025

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability... High Unreviewed

CVE-2024-57211 was published Jan 10, 2025

Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the... High Unreviewed

CVE-2024-57226 was published Jan 10, 2025

Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the... High Unreviewed

CVE-2024-57227 was published Jan 10, 2025

Previous 1…20…105 Next

Previous 1 2 … 18 19 20 21 22 … 104 105 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,624 advisories