Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,067
Erlang
29
GitHub Actions
19
Go
1,891
Maven
5,000+
npm
3,624
NuGet
638
pip
3,235
Pub
10
RubyGems
857
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

3,767 advisories

Loading
TOTOlink EX1800T V9.1.0cu.2112_B20220316 is vulnerable to unauthorized arbitrary command... Critical Unreviewed
CVE-2023-51026 was published Dec 22, 2023
The YI Smart Kami Vision com.kamivision.yismart application through 1.0.0_20231219 for Android... High Unreviewed
CVE-2024-23727 was published Mar 28, 2024
TOTOLINX EX1800T v9.1.0cu.2112_B20220316 is vulnerable to arbitrary command execution in the ... Critical Unreviewed
CVE-2023-51015 was published Dec 22, 2023
CSV Injection vulnerability in Sesami Cash Point & Transport Optimizer (CPTO) version 6.3.8.6 (... Moderate Unreviewed
CVE-2023-31296 was published Dec 29, 2023
Improper validation in a model specific register (MSR) could allow a malicious program with ring0... High Unreviewed
CVE-2023-31315 was published Aug 12, 2024
An issue in Netgear DGN1000WW v.1.1.00.45 allows a remote attacker to execute arbitrary code via... High Unreviewed
CVE-2024-42756 was published Aug 23, 2024
An issue in GLPI v.10.0.12 and before allows a remote attacker to execute arbitrary code,... High Unreviewed
CVE-2024-27756 was published Mar 15, 2024
Remote Code Execution in Apache Dolphinscheduler Critical
CVE-2023-49109 was published for org.apache.dolphinscheduler:dolphinscheduler (Maven) Feb 20, 2024
An issue discovered in pdfmake 0.2.9 allows remote attackers to run arbitrary code via crafted... Critical Unreviewed
CVE-2024-25180 was published Feb 29, 2024
An issue in the component RTKVHD64.sys of Realtek Semiconductor Corp Realtek(r) High Definition... High Unreviewed
CVE-2024-33225 was published May 22, 2024
An issue discovered in iSpyConnect.com Agent DVR 5.1.6.0 allows attackers to run arbitrary files... High Unreviewed
CVE-2024-22514 was published Feb 6, 2024
Cross Site Request Forgery vulnerability in flusity-CMS v.2.33 allows a remote attacker to... High Unreviewed
CVE-2024-24469 was published Feb 5, 2024
Malwarebytes Binisoft Windows Firewall Control before 6.9.9.2 allows remote attackers to execute... Critical Unreviewed
CVE-2024-25089 was published Feb 5, 2024
SeaCMS 13.0 has a remote code execution vulnerability. The reason for this vulnerability is that... High Unreviewed
CVE-2024-42599 was published Aug 22, 2024
An issue was discovered in LIVEBOX Collaboration vDesk through v031. An Observable Response... High Unreviewed
CVE-2022-45177 was published Feb 21, 2024
The Image Hotspot by DevVN plugin for WordPress is vulnerable to PHP Object Injection in all... High Unreviewed
CVE-2024-7656 was published Aug 24, 2024
joblib vulnerable to arbitrary code execution Critical
CVE-2022-21797 was published for joblib (pip) Sep 27, 2022
dawookie
LlamaIndex includes an exec call for `import {cls_name}` Critical
CVE-2024-45201 was published for llama-index-core (pip) Aug 22, 2024
In certain Sonos products before Sonos S1 Release 11.12 and S2 release 15.9, a vulnerability... Moderate Unreviewed
CVE-2023-50810 was published Aug 12, 2024
A Stored Cross Site Scripting (XSS) vulnerability was found in "/view_type.php" of Kashipara Live... High Unreviewed
CVE-2024-40487 was published Aug 12, 2024
An issue in D3D Security D3D IP Camera (D8801) v.V9.1.17.1.4-20180428 allows a local attacker to... Critical Unreviewed
CVE-2024-41623 was published Aug 13, 2024
An arbitrary file upload vulnerability in the uploadFileAction() function of WonderCMS v3.4.3... Moderate Unreviewed
CVE-2024-41304 was published Jul 30, 2024
Zohocorp ManageEngine OpManager and Remote Monitoring and Management versions 128329 and below... High Unreviewed
CVE-2024-5466 was published Aug 23, 2024
The File Manager Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing... High Unreviewed
CVE-2024-7559 was published Aug 23, 2024
Apache Inlong Code Injection vulnerability High
CVE-2024-36268 was published for org.apache.inlong:tubemq-core (Maven) Aug 2, 2024
ProTip! Advisories are also available from the GraphQL API