GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,224
Erlang
31
GitHub Actions
19
Go
1,990
Maven
5,000+
npm
3,706
NuGet
661
pip
3,336
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,903 advisories
Filter by severity
A vulnerability in the web management interface of Cisco AsyncOS for Cisco Secure Web...
Moderate
Unreviewed
CVE-2022-20871
was published
Nov 15, 2024
A vulnerability in the web UI of Cisco IND could allow an authenticated, remote attacker to...
Critical
Unreviewed
CVE-2023-20036
was published
Nov 15, 2024
A vulnerability in the implementation of the CLI on a device that is running ConfD could allow an...
High
Unreviewed
CVE-2022-20655
was published
Nov 15, 2024
A vulnerability in the web-based management interface and in the API subsystem of Cisco ...
Moderate
Unreviewed
CVE-2022-20652
was published
Nov 15, 2024
Certain EOL GeoVision devices have an OS Command Injection vulnerability. Unauthenticated remote...
Critical
Unreviewed
CVE-2024-11120
was published
Nov 15, 2024
A Python command injection vulnerability exists in the `SagemakerLLM` class's `complete()` method...
Critical
Unreviewed
CVE-2024-4343
was published
Nov 14, 2024
Multiple improper neutralization of special elements used in an OS command ('OS Command Injection...
Moderate
Unreviewed
CVE-2024-32118
was published
Nov 12, 2024
Command injection in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure...
Critical
Unreviewed
CVE-2024-11006
was published
Nov 12, 2024
Command injection in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure...
Critical
Unreviewed
CVE-2024-11005
was published
Nov 12, 2024
Command injection in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure...
Critical
Unreviewed
CVE-2024-11007
was published
Nov 12, 2024
A vulnerability has been identified in SINEC INS (All versions < V1.0 SP2 Update 3). The affected...
Critical
Unreviewed
CVE-2024-46890
was published
Nov 12, 2024
Improper neutralization of special elements used in an OS command ('OS Command Injection') issue...
High
Unreviewed
CVE-2024-45827
was published
Nov 12, 2024
A post-authentication command injection vulnerability in the CGI program in the Zyxel GS1900-48...
Moderate
Unreviewed
CVE-2024-8881
was published
Nov 12, 2024
EnGenius EWS356-FIT devices through 1.1.30 allow blind OS command injection. This allows an...
Critical
Unreviewed
CVE-2024-36061
was published
Nov 11, 2024
The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers...
High
Unreviewed
CVE-2024-11063
was published
Nov 11, 2024
The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers...
High
Unreviewed
CVE-2024-11064
was published
Nov 11, 2024
The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers...
High
Unreviewed
CVE-2024-11066
was published
Nov 11, 2024
The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers...
High
Unreviewed
CVE-2024-11065
was published
Nov 11, 2024
The D-Link DSL6740C modem has an OS Command Injection vulnerability, allowing remote attackers...
High
Unreviewed
CVE-2024-11062
was published
Nov 11, 2024
Wi-Fi Alliance wfa_dut (in Wi-Fi Test Suite) through 9.0.0 allows OS command injection via 802...
High
Unreviewed
CVE-2024-41992
was published
Nov 11, 2024
Dell Enterprise SONiC OS, version(s) 4.1.x, 4.2.x, contain(s) an Improper Neutralization of...
Critical
Unreviewed
CVE-2024-45763
was published
Nov 8, 2024
Dell Enterprise SONiC OS, version(s) 4.1.x, 4.2.x, contain(s) an Improper Neutralization of...
Critical
Unreviewed
CVE-2024-45765
was published
Nov 8, 2024
The pwrstudio web application of EV Charger (in the server in Circontrol Raption through 5.6.2)...
Critical
Unreviewed
CVE-2020-8007
was published
Nov 8, 2024
An issue was discovered in Logpoint before 7.5.0. Unvalidated input during the EventHub Collector...
Moderate
Unreviewed
CVE-2024-48954
was published
Nov 7, 2024
A vulnerability has been found in didi Super-Jacoco 1.0 and classified as critical. Affected by...
Moderate
Unreviewed
CVE-2024-10919
was published
Nov 6, 2024
ProTip!
Advisories are also available from the
GraphQL API