Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,359
Erlang
33
GitHub Actions
22
Go
2,126
Maven
5,000+
npm
3,787
NuGet
683
pip
3,467
Pub
12
RubyGems
894
Rust
892
Swift
38
Unreviewed advisories
All unreviewed
5,000+

320 advisories

Loading
A vulnerability was found in TRENDnet TEW-822DRE 1.03B02. It has been declared as critical. This... Moderate Unreviewed
CVE-2024-0920 was published Jan 26, 2024
A vulnerability in the web-based management interface of the Cisco WAP371 Wireless-AC/N Dual... Moderate Unreviewed
CVE-2024-20287 was published Jan 17, 2024
An attacker with access to a Management Console user account with the editor role could escalate... Moderate Unreviewed
CVE-2024-0507 was published Jan 16, 2024
A vulnerability classified as critical was found in Totolink X2000R 1.0.0-B20221212.1452.... Moderate Unreviewed
CVE-2024-0579 was published Jan 16, 2024
A vulnerability was found in Totolink LR1200GB 9.1.0u.6619_B20230130. It has been rated as... Moderate Unreviewed
CVE-2024-0291 was published Jan 8, 2024
In Red Hat Advanced Cluster Security (RHACS), it was found that some security related HTTP... Moderate Unreviewed
CVE-2023-4958 was published Dec 12, 2023
SAP Solution Manager - version 720, allows an authorized attacker to execute certain deprecated... Moderate Unreviewed
CVE-2023-49587 was published Dec 12, 2023
An issue was discovered on Connectize AC21000 G6 641.139.1.1256 allows attackers to run arbitrary... Moderate Unreviewed
CVE-2023-24046 was published Dec 5, 2023
A vulnerability in a specific Cisco ISE CLI command could allow an authenticated, local attacker... Moderate Unreviewed
CVE-2023-20170 was published Nov 1, 2023
Command Injection in pip when used with Mercurial Moderate
CVE-2023-5752 was published for pip (pip) Oct 25, 2023
mwpeterson
A vulnerability in the ClearPass Policy Manager web-based management interface allows remote... Moderate Unreviewed
CVE-2023-43510 was published Oct 25, 2023
?A command injection vulnerability exists in Trane XL824, XL850, XL1050, and Pivot thermostats... Moderate Unreviewed
CVE-2023-4212 was published Aug 22, 2023
A vulnerability was found in Beijing Baichuo Smart S85F Management Platform up to 20230807. It... Moderate Unreviewed
CVE-2023-4414 was published Aug 18, 2023
A vulnerability in Cisco Intersight Virtual Appliance could allow an unauthenticated, adjacent... Moderate Unreviewed
CVE-2023-20237 was published Aug 17, 2023
Harman Infotainment 20190525031613 and later allows command injection via unauthenticated RPC... Moderate Unreviewed
CVE-2023-40293 was published Aug 14, 2023
ScanCode.io command injection in docker image fetch process Moderate
CVE-2023-39523 was published for scancodeio (pip) Aug 9, 2023
0xmpij
A vulnerability was found in Beijing Baichuo Smart S85F Management Platform up to 20230722 and... Moderate Unreviewed
CVE-2023-4120 was published Aug 3, 2023
Attackers with access to user accounts can inject arbitrary control characters to SIEVE mail... Moderate Unreviewed
CVE-2023-26430 was published Aug 2, 2023
Insufficient validation of untrusted input in Chromad in Google Chrome on ChromeOS prior to 115.0... Moderate Unreviewed
CVE-2023-3739 was published Aug 2, 2023
Brocade Fabric OS before Brocade Fabric OS v9.1.1c, v9.2.0 contains a vulnerability when using... Moderate Unreviewed
CVE-2023-31429 was published Aug 1, 2023
An attacker having physical access to WDM can plug USB device to gain access and execute unwanted... Moderate Unreviewed
CVE-2022-46361 was published Jul 6, 2023
Concrete CMS Cross-site Scripting vulnerability Moderate
CVE-2022-43695 was published for concrete5/concrete5 (Composer) Jul 6, 2023
1Panel vulnerable to command injection when entering the container terminal Moderate
CVE-2023-36458 was published for github.com/1Panel-dev/1Panel (Go) Jul 5, 2023
Malayke
1Panel vulnerable to command injection when adding container repositories Moderate
CVE-2023-36457 was published for github.com/1Panel-dev/1Panel (Go) Jul 5, 2023
Post-authentication remote command injection vulnerabilities in Western Digital My Cloud OS 5... Moderate Unreviewed
CVE-2023-22815 was published Jul 1, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database