GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
3,104 advisories
A privilege escalation vulnerability was discovered in the web interface or SSH captive command...
Severity: High | Unreviewed | CVE-2024-38508 was published on Jul 26, 2024

Starship vulnerable to shell injection via undocumented, unpredictable shell expansion in custom commands
Severity: High | CVE-2024-41815 was published for starship (Rust) on Jul 26, 2024

A vulnerability, which was classified as critical, was found in Raisecom MSG1200, MSG2100E,...
Severity: Moderate | Unreviewed | CVE-2024-7120 was published on Jul 26, 2024

Tenda FH1201 v1.2.0.14 was discovered to contain a command injection vulnerability via the...
Severity: Critical | Unreviewed | CVE-2024-41468 was published on Jul 26, 2024

Tenda FH1201 v1.2.0.14 was discovered to contain a command injection vulnerability via the mac...
Severity: High | Unreviewed | CVE-2024-41473 was published on Jul 26, 2024

Softaculous Webuzo contains a command injection vulnerability in the FTP management functionality...
Severity: High | Unreviewed | CVE-2024-24623 was published on Jul 26, 2024

Softaculous Webuzo contains a command injection in the password reset functionality. A remote,...
Severity: High | Unreviewed | CVE-2024-24622 was published on Jul 26, 2024

An authenticated command injection vulnerability exists in the HPE Aruba Networking EdgeConnect...
Severity: Moderate | Unreviewed | CVE-2024-41136 was published on Jul 24, 2024

Adtran 834-5 11.1.0.101-202106231430, and fixed as of SmartOS Version 12.5.5.1, devices allow OS...
Severity: High | Unreviewed | CVE-2024-31977 was published on Jul 24, 2024

AdTran 834-5 HDC17600021F1 (SmartOS 11.1.1.1) devices enable the SSH service by default and have...
Severity: High | Unreviewed | CVE-2024-39345 was published on Jul 24, 2024

A vulnerability was found in F-logic DataCube3 1.0. It has been declared as critical. Affected by...
Severity: Moderate | Unreviewed | CVE-2024-7066 was published on Jul 24, 2024

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability...
Severity: Moderate | Unreviewed | CVE-2024-41314 was published on Jul 22, 2024

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability...
Severity: Moderate | Unreviewed | CVE-2024-41315 was published on Jul 22, 2024

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability...
Severity: High | Unreviewed | CVE-2024-41317 was published on Jul 22, 2024

A command injection vulnerability exists in Wyze V4 Pro firmware versions before 4.50.4.9222,...
Severity: Moderate | Unreviewed | CVE-2024-37066 was published on Jul 19, 2024

Sliver Allows Authenticated Operator-to-Server Remote Code Execution
Severity: High | CVE-2024-41111 was published for github.com/bishopfox/sliver (Go) on Jul 18, 2024

Local privilege escalation due to OS command injection vulnerability. The following products are...
Severity: High | Unreviewed | CVE-2024-34013 was published on Jul 18, 2024

projectdiscovery/nuclei allows unsigned code template execution through workflows
Severity: High | CVE-2024-40641 was published for github.com/projectdiscovery/nuclei/v3 (Go) on Jul 17, 2024

FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. allow a...
Severity: Critical | Unreviewed | CVE-2024-36491 was published on Jul 17, 2024

FutureNet NXR series, VXR series and WXR series provided by Century Systems Co., Ltd. contain an...
Severity: High | Unreviewed | CVE-2024-36475 was published on Jul 17, 2024

An issue was found on the Ruijie EG-2000 series gateway. There is a newcli.php API interface...
Severity: Critical | Unreviewed | CVE-2019-16639 was published on Jul 16, 2024

An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved...
Severity: High | Unreviewed | CVE-2024-39523 was published on Jul 11, 2024

An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved...
Severity: High | Unreviewed | CVE-2024-39521 was published on Jul 11, 2024

An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved...
Severity: High | Unreviewed | CVE-2024-39524 was published on Jul 11, 2024

An Improper Neutralization of Special Elements vulnerability in Juniper Networks Junos OS Evolved...
Severity: High | Unreviewed | CVE-2024-39522 was published on Jul 11, 2024

ProTip! Advisories are also available from the GraphQL API.