GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,237
Erlang
31
GitHub Actions
20
Go
2,000
Maven
5,000+
npm
3,711
NuGet
661
pip
3,383
Pub
11
RubyGems
885
Rust
849
Swift
36
Unreviewed advisories
All unreviewed
5,000+
2,320 advisories
Filter by severity
A Command Injection vulnerability in Juniper Networks Junos Space allows an unauthenticated,...
Moderate
Unreviewed
CVE-2024-39563
was published
Oct 11, 2024
A vulnerability classified as critical was found in Tenda AC1206 up to 15.03.06.23. This...
Moderate
Unreviewed
CVE-2024-9793
was published
Oct 10, 2024
Mware NSX contains a command injection vulnerability.
A malicious actor with access to the NSX...
Moderate
Unreviewed
CVE-2024-38817
was published
Oct 9, 2024
In Progress Telerik Reporting versions prior to 2024 Q3 (2024.3.924), a command injection attack...
High
Unreviewed
CVE-2024-7840
was published
Oct 9, 2024
In linkturbonative service, there is a possible command injection due to improper input...
Moderate
Unreviewed
CVE-2024-39438
was published
Oct 9, 2024
In linkturbonative service, there is a possible command injection due to improper input...
Moderate
Unreviewed
CVE-2024-39436
was published
Oct 9, 2024
In linkturbonative service, there is a possible command injection due to improper input...
Moderate
Unreviewed
CVE-2024-39437
was published
Oct 9, 2024
Visual Studio Code for Linux Remote Code Execution Vulnerability
High
Unreviewed
CVE-2024-43601
was published
Oct 8, 2024
Azure Command Line Integration (CLI) Elevation of Privilege Vulnerability
High
Unreviewed
CVE-2024-43591
was published
Oct 8, 2024
DeepSpeed Remote Code Execution Vulnerability
High
CVE-2024-43497
was published
for
deepspeed
(pip)
Oct 8, 2024
An OS command injection vulnerability in the admin web console of Ivanti CSA before version 5.0.2...
High
Unreviewed
CVE-2024-9380
was published
Oct 8, 2024
A vulnerability has been identified in Siemens SINEC Security Monitor (All versions < V4.9.0)....
Critical
Unreviewed
CVE-2024-47562
was published
Oct 8, 2024
A vulnerability in the restricted shell of Cisco Expressway Series could allow an authenticated,...
Moderate
Unreviewed
CVE-2024-20492
was published
Oct 2, 2024
A vulnerability in the REST API and web UI of Cisco Nexus Dashboard Fabric Controller (NDFC)...
Critical
Unreviewed
CVE-2024-20432
was published
Oct 2, 2024
A vulnerability in the Redfish API of Cisco UCS B-Series, Cisco UCS Managed C-Series, and Cisco...
Moderate
Unreviewed
CVE-2024-20365
was published
Oct 2, 2024
Scriptcase 9.10.023 and before is vulnerable to Remote Code Execution (RCE) via the nm_unzip...
High
Unreviewed
CVE-2024-46084
was published
Oct 1, 2024
PCAN-Ethernet Gateway FD before 1.3.0 and PCAN-Ethernet Gateway before 2.11.0 are vulnerable to...
Moderate
Unreviewed
CVE-2024-44610
was published
Oct 1, 2024
Wiz Code Visual Studio Code extension in versions 1.0.0 up to 1.5.3 and Wiz (legacy) Visual...
High
Unreviewed
CVE-2024-9145
was published
Oct 1, 2024
A Command injection vulnerability in requestLetsEncryptSsl in NginxProxyManager 2.11.3 allows an...
Critical
Unreviewed
CVE-2024-46256
was published
Sep 27, 2024
Dell SmartFabric OS10 Software, versions 10.5.6.x, 10.5.5.x, 10.5.4.x, 10.5.3.x, contains an...
High
Unreviewed
CVE-2024-39577
was published
Sep 26, 2024
Monica AI Assistant desktop application v2.3.0 is vulnerable to Exposure of Sensitive Information...
Moderate
Unreviewed
CVE-2024-45989
was published
Sep 26, 2024
An arbitrary file creation vulnerability exists in PaperCut NG/MF that only affects Windows...
Moderate
Unreviewed
CVE-2024-8405
was published
Sep 26, 2024
In Progress Telerik UI for WinForms versions prior to 2024 Q3 (2024.3.924), a command injection...
High
Unreviewed
CVE-2024-7679
was published
Sep 25, 2024
In Progress Telerik UI for WPF versions prior to 2024 Q3 (2024.3.924), a command injection attack...
High
Unreviewed
CVE-2024-7575
was published
Sep 25, 2024
Command injection vulnerabilities in the underlying CLI service could lead to unauthenticated...
Critical
Unreviewed
CVE-2024-42507
was published
Sep 25, 2024
ProTip!
Advisories are also available from the
GraphQL API