GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,077
Erlang
29
GitHub Actions
19
Go
1,903
Maven
5,000+
npm
3,632
NuGet
638
pip
3,249
Pub
10
RubyGems
864
Rust
818
Swift
35
Unreviewed advisories
All unreviewed
5,000+
2,205 advisories
Filter by severity
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Vivotek SD9364 VVTK-0103f. It has...
Moderate
Unreviewed
CVE-2024-7442
was published
Aug 3, 2024
A vulnerability, which was classified as critical, has been found in D-Link DI-8100 16.07. This...
Moderate
Unreviewed
CVE-2024-7436
was published
Aug 3, 2024
Commands can be injected over the network and executed without authentication.
High
Unreviewed
CVE-2024-7029
was published
Aug 2, 2024
A command injection vulnerability could allow an authenticated user to execute operating system...
High
Unreviewed
CVE-2022-4002
was published
Jul 31, 2024
A vulnerability was found in TOTOLINK LR1200 9.3.1cu.2832 and classified as critical. Affected by...
Moderate
Unreviewed
CVE-2024-7215
was published
Jul 30, 2024
A vulnerability has been found in TOTOLINK LR350 9.3.5u.6369_B20220309 and classified as critical...
Moderate
Unreviewed
CVE-2024-7214
was published
Jul 30, 2024
RaspAP allows an attacker to escalate privileges
Critical
CVE-2024-41637
was published
for
billz/raspap-webgui
(Composer)
Jul 29, 2024
A vulnerability classified as critical was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. This...
Moderate
Unreviewed
CVE-2024-7181
was published
Jul 29, 2024
A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. It has been classified as...
High
Unreviewed
CVE-2024-7177
was published
Jul 29, 2024
A vulnerability, which was classified as critical, was found in TOTOLINK A3600R 4.1.2cu...
High
Unreviewed
CVE-2024-7174
was published
Jul 29, 2024
A vulnerability was found in TOTOLINK A3100R 4.1.2cu.5050_B20200504. It has been declared as...
Moderate
Unreviewed
CVE-2024-7158
was published
Jul 28, 2024
A vulnerability classified as critical has been found in TOTOLINK A3700R 9.1.2u.5822_B20200513....
Moderate
Unreviewed
CVE-2024-7160
was published
Jul 28, 2024
Starship vulnerable to shell injection via undocumented, unpredictable shell expansion in custom commands
High
CVE-2024-41815
was published
for
starship
(Rust)
Jul 26, 2024
An authenticated command injection vulnerability exists in the HPE Aruba Networking EdgeConnect...
Moderate
Unreviewed
CVE-2024-41136
was published
Jul 24, 2024
A vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN gateway's Command Line...
High
Unreviewed
CVE-2024-41135
was published
Jul 24, 2024
A vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN gateway's Command Line...
High
Unreviewed
CVE-2024-41133
was published
Jul 24, 2024
A vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN gateway's Command Line...
High
Unreviewed
CVE-2024-41134
was published
Jul 24, 2024
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability...
Critical
Unreviewed
CVE-2024-41319
was published
Jul 23, 2024
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability...
High
Unreviewed
CVE-2024-41320
was published
Jul 22, 2024
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability...
Critical
Unreviewed
CVE-2024-41318
was published
Jul 22, 2024
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability...
Critical
Unreviewed
CVE-2024-41316
was published
Jul 22, 2024
AX3000 Dual-Band Gigabit Wi-Fi 6 Router AX9 V22.03.01.46 and AX3000 Dual-Band Gigabit Wi-Fi 6...
High
Unreviewed
CVE-2024-39963
was published
Jul 19, 2024
In streampark, the project module integrates Maven's compilation capabilities. The input...
Moderate
Unreviewed
CVE-2023-52291
was published
Jul 17, 2024
In streampark, the project module integrates Maven's compilation capabilities. The input...
Moderate
Unreviewed
CVE-2024-29737
was published
Jul 17, 2024
This vulnerability allows an unauthenticated attacker to achieve remote command execution on the...
Critical
Unreviewed
CVE-2024-38492
was published
Jul 15, 2024
ProTip!
Advisories are also available from the
GraphQL API