GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
2,320 advisories
Filter by severity
A vulnerability was found in didi Super-Jacoco 1.0. It has been declared as critical. This...
Moderate
Unreviewed
CVE-2024-10435
was published
Oct 28, 2024
A vulnerability classified as critical has been found in WAVLINK WN530H4, WN530HG4 and WN572HG3...
High
Unreviewed
CVE-2024-10429
was published
Oct 27, 2024
A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028. It has been...
High
Unreviewed
CVE-2024-10428
was published
Oct 27, 2024
A prompt injection vulnerability in the chatbox of Blackbox AI v1.3.95 allows attackers to access...
High
Unreviewed
CVE-2024-48139
was published
Oct 24, 2024
A prompt injection vulnerability in the chatbox of Butterfly Effect Limited Monica ChatGPT AI...
High
Unreviewed
CVE-2024-48142
was published
Oct 24, 2024
A prompt injection vulnerability in the chatbox of Butterfly Effect Limited Monica Your AI...
High
Unreviewed
CVE-2024-48140
was published
Oct 24, 2024
A prompt injection vulnerability in the chatbox of Zhipu AI CodeGeeX v2.17.0 allows attackers to...
High
Unreviewed
CVE-2024-48141
was published
Oct 24, 2024
A prompt injection vulnerability in the chatbox of Fusion Chat Chat AI Assistant Ask Me Anything...
Critical
Unreviewed
CVE-2024-48144
was published
Oct 24, 2024
A prompt injection vulnerability in the chatbox of Netangular Technologies ChatNet AI Version v1...
Critical
Unreviewed
CVE-2024-48145
was published
Oct 24, 2024
Wuhan Tianyu Information Industry Co., Ltd Tianyu CPE Router CommonCPExCPETS_v3.2.468.11.04_P4...
High
Unreviewed
CVE-2024-48441
was published
Oct 24, 2024
Shenzhen Tuoshi Network Communications Co.,Ltd 5G CPE Router NR500-EA RG500UEAABxCOMSLICv3.2.2543...
High
Unreviewed
CVE-2024-48440
was published
Oct 24, 2024
An command injection vulnerability in Trend Micro Cloud Edge could allow a remote attacker to...
Critical
Unreviewed
CVE-2024-48904
was published
Oct 22, 2024
A Command Injection vulnerability in Vilo 5 Mesh WiFi System <= 5.16.1.33 allows remote,...
Critical
Unreviewed
CVE-2024-40089
was published
Oct 21, 2024
A vulnerability in NuPoint Messenger (NPM) of Mitel MiCollab through 9.8.0.33 allows an...
Critical
Unreviewed
CVE-2024-35285
was published
Oct 21, 2024
An issue in DCME-320-L <=9.3.2.114 allows a remote attacker to execute arbitrary code via the...
Critical
Unreviewed
CVE-2024-48659
was published
Oct 21, 2024
A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028 and classified...
Moderate
Unreviewed
CVE-2024-10193
was published
Oct 20, 2024
The `add_llm` function in `llm_app.py` in infiniflow/ragflow version 0.11.0 contains a remote...
Critical
Unreviewed
CVE-2024-10131
was published
Oct 19, 2024
Grafana Command Injection And Local File Inclusion Via Sql Expressions
Critical
CVE-2024-9264
was published
for
github.com/grafana/grafana
(Go)
Oct 18, 2024
Netgear EX6120 v1.0.0.68, Netgear EX6100 v1.0.2.28, and Netgear EX3700 v1.0.0.96 are vulnerable...
High
Unreviewed
CVE-2024-35519
was published
Oct 15, 2024
Netgear R7000 1.0.11.136 is vulnerable to Command Injection in RMT_invite.cgi via device_name2...
High
Unreviewed
CVE-2024-35520
was published
Oct 15, 2024
Netgear EX6120 v1.0.0.68 is vulnerable to Command Injection in genie_fix2.cgi via the...
High
Unreviewed
CVE-2024-35518
was published
Oct 15, 2024
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and...
Critical
Unreviewed
CVE-2024-48153
was published
Oct 14, 2024
Netgear EX3700 ' AC750 WiFi Range Extender Essentials Edition before 1.0.0.98 contains an...
High
Unreviewed
CVE-2024-35522
was published
Oct 12, 2024
Netgear XR1000 v1.0.0.64 is vulnerable to command injection in usb_remote_smb_conf.cgi via the...
High
Unreviewed
CVE-2024-35517
was published
Oct 12, 2024
A vulnerability was discovered in DI_8200-16.07.26A1, which has been classified as critical. This...
High
Unreviewed
CVE-2024-44413
was published
Oct 11, 2024
ProTip!
Advisories are also available from the
GraphQL API