Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,189
Erlang
31
GitHub Actions
19
Go
1,985
Maven
5,000+
npm
3,701
NuGet
657
pip
3,326
Pub
11
RubyGems
882
Rust
836
Swift
35
Unreviewed advisories
All unreviewed
5,000+

1,061 advisories

Loading
An attacker with local access the to medical office computer can escalate his Windows user... High Unreviewed
CVE-2024-50591 was published Nov 8, 2024
Symfony vulnerable to command execution hijack on Windows with Process class High
CVE-2024-51736 was published for symfony/process (Composer) Nov 6, 2024
nicolas-grekas
An authenticated command injection vulnerability exists in the Instant AOS-8 and AOS-10 command... High Unreviewed
CVE-2024-47461 was published Nov 6, 2024
A potential vulnerability was discovered in certain Poly video conferencing devices. The firmware... High Unreviewed
CVE-2024-9579 was published Nov 5, 2024
Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were... High Unreviewed
CVE-2024-52022 was published Nov 5, 2024
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and... High Unreviewed
CVE-2024-51254 was published Oct 31, 2024
KERUI HD 3MP 1080P Tuya Camera 1.0.4 has a command injection vulnerability in the module that... High Unreviewed
CVE-2024-48214 was published Oct 30, 2024
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and... High Unreviewed
CVE-2024-51258 was published Oct 30, 2024
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and... High Unreviewed
CVE-2024-51300 was published Oct 30, 2024
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and... High Unreviewed
CVE-2024-51257 was published Oct 30, 2024
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and... High Unreviewed
CVE-2024-51296 was published Oct 30, 2024
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and... High Unreviewed
CVE-2024-51301 was published Oct 30, 2024
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and... High Unreviewed
CVE-2024-51299 was published Oct 30, 2024
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and... High Unreviewed
CVE-2024-51304 was published Oct 30, 2024
Command injection vulnerability in the Edge Computing UI for the TRO600 series radios that allows... High Unreviewed
CVE-2024-41153 was published Oct 29, 2024
A vulnerability classified as critical has been found in WAVLINK WN530H4, WN530HG4 and WN572HG3... High Unreviewed
CVE-2024-10429 was published Oct 27, 2024
A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028. It has been... High Unreviewed
CVE-2024-10428 was published Oct 27, 2024
A prompt injection vulnerability in the chatbox of Butterfly Effect Limited Monica Your AI... High Unreviewed
CVE-2024-48140 was published Oct 24, 2024
A prompt injection vulnerability in the chatbox of Zhipu AI CodeGeeX v2.17.0 allows attackers to... High Unreviewed
CVE-2024-48141 was published Oct 24, 2024
A prompt injection vulnerability in the chatbox of Butterfly Effect Limited Monica ChatGPT AI... High Unreviewed
CVE-2024-48142 was published Oct 24, 2024
A prompt injection vulnerability in the chatbox of Blackbox AI v1.3.95 allows attackers to access... High Unreviewed
CVE-2024-48139 was published Oct 24, 2024
Shenzhen Tuoshi Network Communications Co.,Ltd 5G CPE Router NR500-EA RG500UEAABxCOMSLICv3.2.2543... High Unreviewed
CVE-2024-48440 was published Oct 24, 2024
Wuhan Tianyu Information Industry Co., Ltd Tianyu CPE Router CommonCPExCPETS_v3.2.468.11.04_P4... High Unreviewed
CVE-2024-48441 was published Oct 24, 2024
Netgear R7000 1.0.11.136 is vulnerable to Command Injection in RMT_invite.cgi via device_name2... High Unreviewed
CVE-2024-35520 was published Oct 15, 2024
Netgear EX6120 v1.0.0.68 is vulnerable to Command Injection in genie_fix2.cgi via the... High Unreviewed
CVE-2024-35518 was published Oct 15, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database