Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,773 advisories

Loading
An authorized RCE vulnerability exists in the DrayTek Vigor2960 router version 1.4.4, where an... High Unreviewed
CVE-2024-48074 was published Oct 28, 2024
User provided input is not sanitized on the AXIS License Plate Verifier specific “api.cgi”... High Unreviewed
CVE-2023-21410 was published Aug 3, 2023
GoSecure on behalf of Genetec Inc. has found a flaw that allows for a remote code execution... High Unreviewed
CVE-2023-21413 was published Oct 16, 2023
User provided input is not sanitized in the “Settings > Access Control” configuration interface... High Unreviewed
CVE-2023-21411 was published Aug 3, 2023
D-Link DIR_823G 1.0.2B05 was discovered to contain a command injection vulnerability via the... High Unreviewed
CVE-2024-51023 was published Nov 5, 2024
D-Link DIR_823G 1.0.2B05 was discovered to contain a command injection vulnerability via the... High Unreviewed
CVE-2024-51024 was published Nov 5, 2024
Netgear XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 was discovered to contain a... High Unreviewed
CVE-2024-51021 was published Nov 5, 2024
Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were... High Unreviewed
CVE-2024-51010 was published Nov 5, 2024
Netgear XR300 v1.0.3.78 was discovered to contain a command injection vulnerability in the... High Unreviewed
CVE-2024-51008 was published Nov 5, 2024
Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the... High Unreviewed
CVE-2024-52019 was published Nov 5, 2024
Netgear XR300 v1.0.3.78 was discovered to contain a command injection vulnerability in the... High Unreviewed
CVE-2024-52018 was published Nov 5, 2024
Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the... High Unreviewed
CVE-2024-52020 was published Nov 5, 2024
Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the... High Unreviewed
CVE-2024-52021 was published Nov 5, 2024
Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the... High Unreviewed
CVE-2024-51005 was published Nov 5, 2024
Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the... High Unreviewed
CVE-2024-51009 was published Nov 5, 2024
Netgear R8500 v1.0.2.160 was discovered to contain a command injection vulnerability in the... High Unreviewed
CVE-2024-50993 was published Nov 5, 2024
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and... High Unreviewed
CVE-2024-51252 was published Nov 1, 2024
MangoOS before 5.2.0 was discovered to contain an authenticated remote code execution (RCE)... High Unreviewed
CVE-2024-37845 was published Oct 25, 2024
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and... High Unreviewed
CVE-2024-51249 was published Nov 4, 2024
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and... High Unreviewed
CVE-2024-51246 was published Nov 4, 2024
DrayTek Vigor3900 1.5.1.3 contains a post-authentication command injection vulnerability. This... High Unreviewed
CVE-2024-45893 was published Nov 4, 2024
DrayTek Vigor3900 1.5.1.3 contains a command injection vulnerability. This vulnerability occurs... High Unreviewed
CVE-2024-45888 was published Nov 4, 2024
DrayTek Vigor3900 1.5.1.3 contains a post-authentication command injection vulnerability. This... High Unreviewed
CVE-2024-45891 was published Nov 4, 2024
DrayTek Vigor3900 1.5.1.3 contains a post-authentication command injection vulnerability. This... High Unreviewed
CVE-2024-45889 was published Nov 4, 2024
DrayTek Vigor3900 1.5.1.3 contains a post-authentication command injection vulnerability This... High Unreviewed
CVE-2024-45890 was published Nov 4, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database