GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,067
Erlang
29
GitHub Actions
19
Go
1,891
Maven
5,000+
npm
3,624
NuGet
638
pip
3,235
Pub
10
RubyGems
857
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
3,081 advisories
Filter by severity
A vulnerability classified as critical has been found in TOTOLINK A720R 4.1.5. Affected is the...
Low
Unreviewed
CVE-2024-8869
was published
Sep 16, 2024
Certain models of D-Link wireless routers do not properly validate user input in the telnet...
High
Unreviewed
CVE-2024-45698
was published
Sep 16, 2024
An input validation weakness was discovered in XCC that could allow a valid, authenticated XCC...
High
Unreviewed
CVE-2024-8280
was published
Sep 13, 2024
An input validation weakness was discovered in XCC that could allow a valid, authenticated XCC...
High
Unreviewed
CVE-2024-8281
was published
Sep 13, 2024
A privilege escalation vulnerability was discovered in XCC that could allow a valid,...
High
Unreviewed
CVE-2024-8279
was published
Sep 13, 2024
A privilege escalation vulnerability was discovered in XCC that could allow a valid,...
High
Unreviewed
CVE-2024-8278
was published
Sep 13, 2024
Multiple vulnerabilities in Cisco Routed PON Controller Software, which runs as a docker...
High
Unreviewed
CVE-2024-20483
was published
Sep 11, 2024
A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker...
High
Unreviewed
CVE-2024-20398
was published
Sep 11, 2024
A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated...
High
Unreviewed
CVE-2024-8686
was published
Sep 11, 2024
A vulnerability in significant-gravitas/autogpt version 0.5.1 allows an attacker to bypass the...
Critical
Unreviewed
CVE-2024-6091
was published
Sep 11, 2024
An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518...
High
Unreviewed
CVE-2024-8190
was published
Sep 10, 2024
An attacker with authenticated access to VICIdial as an "agent" can execute arbitrary shell...
High
Unreviewed
CVE-2024-8504
was published
Sep 10, 2024
A low privileged remote attacker can read and write files as root due to improper neutralization...
High
Unreviewed
CVE-2024-43387
was published
Sep 10, 2024
A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due...
High
Unreviewed
CVE-2024-43385
was published
Sep 10, 2024
A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due...
High
Unreviewed
CVE-2024-43386
was published
Sep 10, 2024
An low privileged remote attacker can execute OS commands with root privileges due to improper...
High
Unreviewed
CVE-2024-7699
was published
Sep 10, 2024
OS command injection vulnerability exists in BUFFALO wireless LAN routers and wireless LAN...
Moderate
Unreviewed
CVE-2024-44072
was published
Sep 10, 2024
**UNSUPPORTED WHEN ASSIGNED** A command injection vulnerability in the export-cgi program of...
Critical
Unreviewed
CVE-2024-6342
was published
Sep 10, 2024
D-Link DI-7003GV2 v24.04.18D1, DI-7100G+V2 v24.04.18D1, DI-7100GV2 v24.04.18D1, DI-7200GV2 v24.04...
High
Unreviewed
CVE-2024-44333
was published
Sep 9, 2024
A vulnerability has been found in TOTOLINK AC1200 T8 4.1.5cu.861_B20230220 and classified as...
Moderate
Unreviewed
CVE-2024-8574
was published
Sep 8, 2024
DrayTek Vigor3900 v1.5.1.6 was discovered to contain an authenticated command injection...
High
Unreviewed
CVE-2024-44844
was published
Sep 6, 2024
DrayTek Vigor3900 v1.5.1.6 was discovered to contain an authenticated command injection...
High
Unreviewed
CVE-2024-44845
was published
Sep 6, 2024
An OS command injection vulnerability has been reported to affect legacy QTS. If exploited, the...
High
Unreviewed
CVE-2023-39300
was published
Sep 6, 2024
An OS command injection vulnerability has been reported to affect several QNAP operating system...
Moderate
Unreviewed
CVE-2024-21906
was published
Sep 6, 2024
An OS command injection vulnerability has been reported to affect several QNAP operating system...
High
Unreviewed
CVE-2024-21898
was published
Sep 6, 2024
ProTip!
Advisories are also available from the
GraphQL API