GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,090
Erlang
29
GitHub Actions
19
Go
1,915
Maven
5,000+
npm
3,646
NuGet
638
pip
3,262
Pub
10
RubyGems
870
Rust
821
Swift
35
Unreviewed advisories
All unreviewed
5,000+
1,024 advisories
Filter by severity
A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 HF1)....
High
Unreviewed
CVE-2024-39568
was published
Jul 9, 2024
A vulnerability has been identified in SINEMA Remote Connect Client (All versions < V3.2 HF1)....
High
Unreviewed
CVE-2024-39567
was published
Jul 9, 2024
A vulnerability has been identified in SINEMA Remote Connect Server (All versions < V3.2 HF1)....
High
Unreviewed
CVE-2024-39570
was published
Jul 9, 2024
A local privilege escalation vlnerability in the WatchGuard Mobile VPN with SSL client on Windows...
High
Unreviewed
CVE-2024-4944
was published
Jul 9, 2024
In Splunk Enterprise versions below 9.2.2, 9.1.5, and 9.0.10 and Splunk Cloud Platform versions...
High
Unreviewed
CVE-2024-36983
was published
Jul 1, 2024
Netwrix CoSoSys Endpoint Protector through 5.9.3 and CoSoSys Unify through 7.0.6 contain a remote...
High
Unreviewed
CVE-2024-36073
was published
Jun 27, 2024
This Advisory describes an issue that impacts Arista Wireless Access Points. Any entity with the...
High
Unreviewed
CVE-2024-4578
was published
Jun 27, 2024
HashiCorp go-getter Vulnerable to Code Execution On Git Update Via Git Config Manipulation
High
CVE-2024-6257
was published
for
github.com/hashicorp/go-getter
(Go)
Jun 25, 2024
OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable...
High
Unreviewed
CVE-2024-4639
was published
Jun 25, 2024
OnCell G3470A-LTE Series firmware versions v1.7.7 and prior have been identified as vulnerable...
High
Unreviewed
CVE-2024-4638
was published
Jun 25, 2024
The CRUDDIY project is vulnerable to shell command injection via sending a crafted POST request...
High
Unreviewed
CVE-2024-4748
was published
Jun 24, 2024
Composer has a command injection via malicious git branch name
High
CVE-2024-35241
was published
for
composer/composer
(Composer)
Jun 10, 2024
Composer has multiple command injections via malicious git/hg branch names
High
CVE-2024-35242
was published
for
composer/composer
(Composer)
Jun 10, 2024
On Mitel 6869i 4.5.0.41 devices, the Manual Firmware Update (upgrade.html) page does not perform...
High
Unreviewed
CVE-2024-37570
was published
Jun 9, 2024
An issue was discovered on Mitel 6869i through 4.5.0.41 and 5.x through 5.0.0.1018 devices. A...
High
Unreviewed
CVE-2024-37569
was published
Jun 9, 2024
A10 Thunder ADC CsrRequestView Command Injection Remote Code Execution Vulnerability. This...
High
Unreviewed
CVE-2024-30368
was published
Jun 6, 2024
A command injection vulnerability exists in the gradio-app/gradio repository, specifically within...
High
Unreviewed
CVE-2024-4253
was published
Jun 4, 2024
A remote code execution (RCE) vulnerability exists in the parisneo/lollms-webui, specifically...
High
Unreviewed
CVE-2024-4267
was published
May 22, 2024
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability...
High
Unreviewed
CVE-2024-1417
was published
May 16, 2024
A vulnerability in the ConfD CLI and the Cisco Crosswork Network Services Orchestrator CLI could...
High
Unreviewed
CVE-2024-20326
was published
May 16, 2024
LoLLMS Command Injection vulnerability
High
CVE-2024-4078
was published
for
lollms
(pip)
May 16, 2024
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain a command injection...
High
Unreviewed
CVE-2024-32355
was published
May 14, 2024
A vulnerability has been identified in CPCI85 Central Processing/Communication (All versions < V5...
High
Unreviewed
CVE-2024-31485
was published
May 14, 2024
A Blind command injection vulnerability in Tenda O3V2 V1.0.0.12 and earlier allows remote...
High
Unreviewed
CVE-2024-34338
was published
May 14, 2024
ProTip!
Advisories are also available from the
GraphQL API