GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,067
Erlang: 29
GitHub Actions: 19
Go: 1,891
Maven: 5,000+
npm: 3,624
NuGet: 638
pip: 3,235
Pub: 10
RubyGems: 857
Rust: 818
Swift: 35

Unreviewed advisories
All unreviewed: 5,000+
3,767 advisories
TOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command...
Critical, Unreviewed. CVE-2023-51026 was published Dec 22, 2023

The YI Smart Kami Vision com.kamivision.yismart application through 1.0.0_20231219 for Android...
High, Unreviewed. CVE-2024-23727 was published Mar 28, 2024

TOTOLINX EX1800T v9.1.0cu.2112_B20220316 is vulnerable to arbitrary command execution in the ...
Critical, Unreviewed. CVE-2023-51015 was published Dec 22, 2023

CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (...
Moderate, Unreviewed. CVE-2023-31296 was published Dec 29, 2023

Improper validation in a model specific register (MSR) could allow a malicious program with ring0...
High, Unreviewed. CVE-2023-31315 was published Aug 12, 2024

An issue in Netgear DGN1000WW v.1.1.00.45 allows a remote attacker to execute arbitrary code via...
High, Unreviewed. CVE-2024-42756 was published Aug 23, 2024

An issue in GLPI v.10.0.12 and before allows a remote attacker to execute arbitrary code,...
High, Unreviewed. CVE-2024-27756 was published Mar 15, 2024

Remote Code Execution in Apache Dolphinscheduler
Critical. CVE-2023-49109 was published for org.apache.dolphinscheduler:dolphinscheduler (Maven) Feb 20, 2024

An issue discovered in pdfmake 0.2.9 allows remote attackers to run arbitrary code via crafted...
Critical, Unreviewed. CVE-2024-25180 was published Feb 29, 2024

An issue in the component RTKVHD64.sys of Realtek Semiconductor Corp Realtek(r) High Definition...
High, Unreviewed. CVE-2024-33225 was published May 22, 2024

An issue discovered in iSpyConnect.com Agent DVR 5.1.6.0 allows attackers to run arbitrary files...
High, Unreviewed. CVE-2024-22514 was published Feb 6, 2024

Cross Site Request Forgery vulnerability in flusity-CMS v.2.33 allows a remote attacker to...
High, Unreviewed. CVE-2024-24469 was published Feb 5, 2024

Malwarebytes Binisoft Windows Firewall Control before 6.9.9.2 allows remote attackers to execute...
Critical, Unreviewed. CVE-2024-25089 was published Feb 5, 2024

SeaCMS 13.0 has a remote code execution vulnerability. The reason for this vulnerability is that...
High, Unreviewed. CVE-2024-42599 was published Aug 22, 2024

An issue was discovered in LIVEBOX Collaboration vDesk through v031. An Observable Response...
High, Unreviewed. CVE-2022-45177 was published Feb 21, 2024

The Image Hotspot by DevVN plugin for WordPress is vulnerable to PHP Object Injection in all...
High, Unreviewed. CVE-2024-7656 was published Aug 24, 2024

joblib vulnerable to arbitrary code execution
Critical. CVE-2022-21797 was published for joblib (pip) Sep 27, 2022

LlamaIndex includes an exec call for `import {cls_name}`
Critical. CVE-2024-45201 was published for llama-index-core (pip) Aug 22, 2024

In certain Sonos products before Sonos S1 Release 11.12 and S2 release 15.9, a vulnerability...
Moderate, Unreviewed. CVE-2023-50810 was published Aug 12, 2024

A Stored Cross Site Scripting (XSS) vulnerability was found in "/view_type.php" of Kashipara Live...
High, Unreviewed. CVE-2024-40487 was published Aug 12, 2024

An issue in D3D Security D3D IP Camera (D8801) v.V9.1.17.1.4-20180428 allows a local attacker to...
Critical, Unreviewed. CVE-2024-41623 was published Aug 13, 2024

An arbitrary file upload vulnerability in the uploadFileAction() function of WonderCMS v3.4.3...
Moderate, Unreviewed. CVE-2024-41304 was published Jul 30, 2024

Zohocorp ManageEngine OpManager and Remote Monitoring and Management versions 128329 and below...
High, Unreviewed. CVE-2024-5466 was published Aug 23, 2024

The File Manager Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing...
High, Unreviewed. CVE-2024-7559 was published Aug 23, 2024

Apache Inlong Code Injection vulnerability
High. CVE-2024-36268 was published for org.apache.inlong:tubemq-core (Maven) Aug 2, 2024
ProTip! Advisories are also available from the GraphQL API.