GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
2,320 advisories
Filter by severity
An attacker with local access the to medical office computer can
escalate his Windows user...
High
Unreviewed
CVE-2024-50591
was published
Nov 8, 2024
A vulnerability, which was classified as critical, has been found in TOTOLINK X18 9.1.0cu...
Moderate
Unreviewed
CVE-2024-10966
was published
Nov 7, 2024
A vulnerability in the web-based management interface of Cisco Unified Industrial Wireless...
Critical
Unreviewed
CVE-2024-20418
was published
Nov 6, 2024
Symfony vulnerable to command execution hijack on Windows with Process class
High
CVE-2024-51736
was published
for
symfony/process
(Composer)
Nov 6, 2024
Command injection vulnerability in the underlying CLI service could lead to unauthenticated...
Critical
Unreviewed
CVE-2024-47460
was published
Nov 6, 2024
An authenticated command injection vulnerability exists in the Instant AOS-8 and AOS-10 command...
High
Unreviewed
CVE-2024-47461
was published
Nov 6, 2024
An issue in Lens Visual integration with Power BI v.4.0.0.3 allows a remote attacker to execute...
Critical
Unreviewed
CVE-2024-48746
was published
Nov 6, 2024
Command injection vulnerability in the underlying CLI service could lead to unauthenticated...
Critical
Unreviewed
CVE-2024-42509
was published
Nov 6, 2024
DCME-320 v7.4.12.90 was discovered to contain a command injection vulnerability.
Critical
Unreviewed
CVE-2024-51115
was published
Nov 6, 2024
A potential vulnerability was discovered in certain Poly video conferencing devices. The firmware...
High
Unreviewed
CVE-2024-9579
was published
Nov 5, 2024
Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were...
High
Unreviewed
CVE-2024-52022
was published
Nov 5, 2024
A vulnerability has been found in Tenda AC6 15.03.05.19 and classified as critical. Affected by...
Moderate
Unreviewed
CVE-2024-10697
was published
Nov 2, 2024
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and...
Critical
Unreviewed
CVE-2024-51255
was published
Oct 31, 2024
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and...
Critical
Unreviewed
CVE-2024-51260
was published
Oct 31, 2024
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and...
Critical
Unreviewed
CVE-2024-51259
was published
Oct 31, 2024
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and...
High
Unreviewed
CVE-2024-51254
was published
Oct 31, 2024
KERUI HD 3MP 1080P Tuya Camera 1.0.4 has a command injection vulnerability in the module that...
High
Unreviewed
CVE-2024-48214
was published
Oct 30, 2024
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and...
High
Unreviewed
CVE-2024-51258
was published
Oct 30, 2024
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and...
High
Unreviewed
CVE-2024-51300
was published
Oct 30, 2024
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and...
High
Unreviewed
CVE-2024-51257
was published
Oct 30, 2024
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and...
High
Unreviewed
CVE-2024-51296
was published
Oct 30, 2024
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and...
High
Unreviewed
CVE-2024-51301
was published
Oct 30, 2024
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and...
High
Unreviewed
CVE-2024-51299
was published
Oct 30, 2024
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and...
High
Unreviewed
CVE-2024-51304
was published
Oct 30, 2024
Command injection vulnerability in the Edge Computing UI for the
TRO600 series radios that allows...
High
Unreviewed
CVE-2024-41153
was published
Oct 29, 2024
ProTip!
Advisories are also available from the
GraphQL API