GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
374 advisories
A local user with administrative access rights can enter specially crafted values for settings at...
Moderate
Unreviewed
CVE-2024-8934 was published Oct 31, 2024
A vulnerability classified as critical was found in Tenda AC1206 up to 15.03.06.23. This...
Moderate
Unreviewed
CVE-2024-9793 was published Oct 10, 2024
An issue was discovered in Logpoint before 7.5.0. Unvalidated input during the EventHub Collector...
Moderate
Unreviewed
CVE-2024-48954 was published Nov 7, 2024
Brandon Rothel from QED Secure Solutions has found that the VAPIX API tcptest.cgi did not have a...
Moderate
Unreviewed
CVE-2023-5677 was published Feb 5, 2024
A vulnerability has been found in didi Super-Jacoco 1.0 and classified as critical. Affected by...
Moderate
Unreviewed
CVE-2024-10919 was published Nov 6, 2024
A post-authentication command injection vulnerability in the CGI program in the Zyxel GS1900-48...
Moderate
Unreviewed
CVE-2024-8881 was published Nov 12, 2024
Multiple improper neutralization of special elements used in an OS command ('OS Command Injection...
Moderate
Unreviewed
CVE-2024-32118 was published Nov 12, 2024
Code injection in `saved_model_cli`
Moderate
CVE-2021-41228 was published for tensorflow (pip) Nov 10, 2021
A vulnerability in the web-based management interface and in the API subsystem of Cisco ...
Moderate
Unreviewed
CVE-2022-20652 was published Nov 15, 2024
A vulnerability in the web management interface of Cisco AsyncOS for Cisco Secure Web...
Moderate
Unreviewed
CVE-2022-20871 was published Nov 15, 2024
Wyze Cam v3 Wi-Fi SSID OS Command Injection Remote Code Execution Vulnerability. This...
Moderate
Unreviewed
CVE-2024-6247 was published Nov 22, 2024
Visteon Infotainment REFLASH_DDU_FindFile Command Injection Remote Code Execution Vulnerability....
Moderate
Unreviewed
CVE-2024-8359 was published Nov 23, 2024
Visteon Infotainment UPDATES_ExtractFile Command Injection Remote Code Execution Vulnerability....
Moderate
Unreviewed
CVE-2024-8358 was published Nov 23, 2024
Visteon Infotainment REFLASH_DDU_ExtractFile Command Injection Remote Code Execution...
Moderate
Unreviewed
CVE-2024-8360 was published Nov 23, 2024
A CWE-798 "Use of Hard-coded Credentials" was discovered affecting the following devices...
Moderate
Unreviewed
CVE-2024-50377 was published Nov 26, 2024
A vulnerability was found in DedeCMS up to 5.7.115. It has been rated as critical. This issue...
Moderate
Unreviewed
CVE-2024-9076 was published Sep 22, 2024
The Logo Slider WordPress plugin before 4.5.0 does not sanitise and escape some of its Logo and...
Moderate
Unreviewed
CVE-2024-10896 was published Nov 28, 2024
A privilege escalation vulnerability in Palo Alto Networks PAN-OS software allows a PAN-OS...
Moderate
Unreviewed
CVE-2024-9474 was published Nov 18, 2024
An issue in TOTOLINK-CX-A3002RU V1.0.4-B20171106.1512 and TOTOLINK-CX-N150RT V2.1.6-B20171121...
Moderate
Unreviewed
CVE-2024-51228 was published Nov 27, 2024
A vulnerability was found in WeiYe-Jing datax-web 2.1.1. It has been classified as critical. This...
Moderate
Unreviewed
CVE-2024-12358 was published Dec 9, 2024
A vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS)...
Moderate
Unreviewed
CVE-2024-12686 was published Dec 18, 2024
An issue was discovered in hwclock.13-v2.27 allows attackers to gain escalated privileges or...
Moderate
Unreviewed
CVE-2020-21583 was published Aug 22, 2023
IBM Security Directory Integrator 7.2.0 through 7.2.0.13 and 10.0.0 through 10.0.3 could allow a...
Moderate
Unreviewed
CVE-2024-28767 was published Dec 20, 2024
Tiki Wiki CMS – CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic...
Moderate
Unreviewed
CVE-2024-47918 was published Dec 30, 2024