GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,205
Erlang
31
GitHub Actions
19
Go
1,988
Maven
5,000+
npm
3,704
NuGet
661
pip
3,332
Pub
11
RubyGems
884
Rust
845
Swift
36
Unreviewed advisories
All unreviewed
5,000+
2,305 advisories
Filter by severity
Connecting to a malicious Codespaces via GH CLI could allow command execution on the user's computer
High
CVE-2024-52308
was published
for
github.com/cli/cli/v2
(Go)
Nov 14, 2024
Tenda G3 v3.0 v15.11.0.20 was discovered to contain a command injection vulnerability via the...
High
Unreviewed
CVE-2024-50852
was published
Nov 13, 2024
Tenda G3 v3.0 v15.11.0.20 was discovered to contain a command injection vulnerability via the...
High
Unreviewed
CVE-2024-50853
was published
Nov 13, 2024
An issue in DLink DWR 2000M 5G CPE With Wifi 6 Ax1800 and Dlink DWR 5G CPE DWR-2000M_1.34ME...
High
Unreviewed
CVE-2024-28726
was published
Nov 13, 2024
Azure Database for PostgreSQL Flexible Server Extension Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-49042
was published
Nov 12, 2024
Azure Database for PostgreSQL Flexible Server Extension Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-43613
was published
Nov 12, 2024
Microsoft Excel Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-49026
was published
Nov 12, 2024
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All...
High
Unreviewed
CVE-2024-50572
was published
Nov 12, 2024
Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) an...
High
Unreviewed
CVE-2024-49557
was published
Nov 12, 2024
Dell SmartFabric OS10 Software, version(s) 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contain(s) a...
High
Unreviewed
CVE-2024-49560
was published
Nov 12, 2024
D-Link DIR-820L 1.05b03 was discovered to contain a remote code execution (RCE) vulnerability via...
High
Unreviewed
CVE-2024-51186
was published
Nov 11, 2024
A vulnerability was found in D-Link DI-8003 16.07.16A1. It has been classified as critical....
Moderate
Unreviewed
CVE-2024-11046
was published
Nov 10, 2024
An attacker with local access the to medical office computer can
escalate his Windows user...
High
Unreviewed
CVE-2024-50591
was published
Nov 8, 2024
A vulnerability, which was classified as critical, has been found in TOTOLINK X18 9.1.0cu...
Moderate
Unreviewed
CVE-2024-10966
was published
Nov 7, 2024
A vulnerability in the web-based management interface of Cisco Unified Industrial Wireless...
Critical
Unreviewed
CVE-2024-20418
was published
Nov 6, 2024
Symfony vulnerable to command execution hijack on Windows with Process class
High
CVE-2024-51736
was published
for
symfony/process
(Composer)
Nov 6, 2024
An issue in Lens Visual integration with Power BI v.4.0.0.3 allows a remote attacker to execute...
Critical
Unreviewed
CVE-2024-48746
was published
Nov 6, 2024
Command injection vulnerability in the underlying CLI service could lead to unauthenticated...
Critical
Unreviewed
CVE-2024-42509
was published
Nov 6, 2024
An authenticated command injection vulnerability exists in the Instant AOS-8 and AOS-10 command...
High
Unreviewed
CVE-2024-47461
was published
Nov 6, 2024
Command injection vulnerability in the underlying CLI service could lead to unauthenticated...
Critical
Unreviewed
CVE-2024-47460
was published
Nov 6, 2024
DCME-320 v7.4.12.90 was discovered to contain a command injection vulnerability.
Critical
Unreviewed
CVE-2024-51115
was published
Nov 6, 2024
A potential vulnerability was discovered in certain Poly video conferencing devices. The firmware...
High
Unreviewed
CVE-2024-9579
was published
Nov 5, 2024
Netgear R8500 v1.0.2.160, XR300 v1.0.3.78, R7000P v1.3.3.154, and R6400 v2 1.0.4.128 were...
High
Unreviewed
CVE-2024-52022
was published
Nov 5, 2024
A vulnerability has been found in Tenda AC6 15.03.05.19 and classified as critical. Affected by...
Moderate
Unreviewed
CVE-2024-10697
was published
Nov 2, 2024
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and...
Critical
Unreviewed
CVE-2024-51260
was published
Oct 31, 2024
ProTip!
Advisories are also available from the
GraphQL API