Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,902
Maven
5,000+
npm
3,631
NuGet
638
pip
3,246
Pub
10
RubyGems
863
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+

3,091 advisories

Loading
A vulnerability was found in TOTOLINK T10 4.1.8cu.5207. It has been declared as critical. This... Moderate Unreviewed
CVE-2024-9001 was published Sep 19, 2024
A vulnerability classified as critical has been found in D-Link DAR-7000 up to 20240912. Affected... Moderate Unreviewed
CVE-2024-9004 was published Sep 19, 2024
Chaosblade vulnerable to OS command execution Critical
CVE-2023-47105 was published for github.com/chaosblade-io/chaosblade (Go) Sep 18, 2024
OS command injection vulnerability in multiple digital video recorders provided by TAKENAKA... High Unreviewed
CVE-2024-43778 was published Sep 18, 2024
PTZOptics PT30X-SDI/NDI-xx before firmware 6.3.40 is vulnerable to an OS command injection issue.... High Unreviewed
CVE-2024-8957 was published Sep 17, 2024
Authenticated command injection vulnerability exists in the ArubaOS command line interface.... High Unreviewed
CVE-2024-42502 was published Sep 17, 2024
Authenticated command execution vulnerability exist in the ArubaOS command line interface (CLI).... High Unreviewed
CVE-2024-42503 was published Sep 17, 2024
A vulnerability classified as critical has been found in TOTOLINK A720R 4.1.5. Affected is the... Low Unreviewed
CVE-2024-8869 was published Sep 16, 2024
Certain models of D-Link wireless routers do not properly validate user input in the telnet... High Unreviewed
CVE-2024-45698 was published Sep 16, 2024
An input validation weakness was discovered in XCC that could allow a valid, authenticated XCC... High Unreviewed
CVE-2024-8280 was published Sep 13, 2024
An input validation weakness was discovered in XCC that could allow a valid, authenticated XCC... High Unreviewed
CVE-2024-8281 was published Sep 13, 2024
A privilege escalation vulnerability was discovered in XCC that could allow a valid,... High Unreviewed
CVE-2024-8279 was published Sep 13, 2024
A privilege escalation vulnerability was discovered in XCC that could allow a valid,... High Unreviewed
CVE-2024-8278 was published Sep 13, 2024
Multiple vulnerabilities in Cisco Routed PON Controller Software, which runs as a docker... High Unreviewed
CVE-2024-20483 was published Sep 11, 2024
A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker... High Unreviewed
CVE-2024-20398 was published Sep 11, 2024
A command injection vulnerability in Palo Alto Networks PAN-OS software enables an authenticated... High Unreviewed
CVE-2024-8686 was published Sep 11, 2024
AutoGPT bypass of the shell commands denylist settings Critical
CVE-2024-6091 was published for agpt (pip) Sep 11, 2024
An OS command injection vulnerability in Ivanti Cloud Services Appliance versions 4.6 Patch 518... High Unreviewed
CVE-2024-8190 was published Sep 10, 2024
An attacker with authenticated access to VICIdial as an "agent" can execute arbitrary shell... High Unreviewed
CVE-2024-8504 was published Sep 10, 2024
A low privileged remote attacker can read and write files as root due to improper neutralization... High Unreviewed
CVE-2024-43387 was published Sep 10, 2024
A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due... High Unreviewed
CVE-2024-43385 was published Sep 10, 2024
A low privileged remote attacker can trigger the execution of arbitrary OS commands as root due... High Unreviewed
CVE-2024-43386 was published Sep 10, 2024
An low privileged remote attacker can execute OS commands with root privileges due to improper... High Unreviewed
CVE-2024-7699 was published Sep 10, 2024
OS command injection vulnerability exists in BUFFALO wireless LAN routers and wireless LAN... Moderate Unreviewed
CVE-2024-44072 was published Sep 10, 2024
**UNSUPPORTED WHEN ASSIGNED** A command injection vulnerability in the export-cgi program of... Critical Unreviewed
CVE-2024-6342 was published Sep 10, 2024
ProTip! Advisories are also available from the GraphQL API