GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,536
Composer 4,189
Erlang 31
GitHub Actions 19
Go 1,985
Maven 5,160
npm 3,701
NuGet 657
pip 3,326
Pub 11
RubyGems 882
Rust 836
Swift 35

Unreviewed advisories

All unreviewed 233,409

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

673 advisories

Filter by severity

Sort by

Least recently updated

In the mintupload package through 4.2.0 for Linux Mint, service-name mishandling leads to command... Critical Unreviewed

CVE-2024-36053 was published May 19, 2024

Zabbix server can perform command execution for configured scripts. After command is executed,... Critical Unreviewed

CVE-2024-22120 was published May 17, 2024

Improper input validation in some Intel(R) Neural Compressor software before version 2.5.0 may... Critical Unreviewed

CVE-2024-22476 was published May 16, 2024

This vulnerability exists in Digisol Router (DG-GR1321: Hardware version 3.7L; Firmware version ... Critical Unreviewed

CVE-2024-2257 was published May 14, 2024

In multiple locations, there is a possible failure to persist or enforce user restrictions due to... Critical Unreviewed

CVE-2024-23705 was published May 7, 2024

A SQLi vulnerability exists in Delta Electronics DIAEnergie v1.10.1.8610 and prior when CEBC.exe... Critical Unreviewed

CVE-2024-4547 was published May 6, 2024

An SQLi vulnerability exists in Delta Electronics DIAEnergie v1.10.1.8610 and prior when CEBC.exe... Critical Unreviewed

CVE-2024-4548 was published May 6, 2024

A cross-site scripting (XSS) vulnerability in netis-systems MEX605 v2.00.06 allows attackers to... Critical Unreviewed

CVE-2024-33792 was published May 3, 2024

An Improper input validation vulnerability that could potentially lead to privilege escalation... Critical Unreviewed

CVE-2024-4142 was published May 1, 2024

In mintplex-labs/anything-llm, an attacker can exploit improper input validation by sending a... Critical Unreviewed

CVE-2024-3029 was published Apr 16, 2024

A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS... Critical Unreviewed

CVE-2024-3400 was published Apr 12, 2024

Adobe Commerce versions 2.4.6-p4, 2.4.5-p6, 2.4.4-p7, 2.4.7-beta3 and earlier are affected by an... Critical Unreviewed

CVE-2024-20758 was published Apr 10, 2024

Memory corruption while redirecting log file to any file location with any file name. Critical Unreviewed

CVE-2024-21473 was published Apr 1, 2024

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an... Critical Unreviewed

CVE-2024-2443 was published Mar 21, 2024

In access_secure_service_from_temp_bond of btm_sec.cc, there is a possible way to achieve... Critical Unreviewed

CVE-2024-23717 was published Mar 11, 2024

Memory corruption in Core Services while executing the command for removing a single event listener. Critical Unreviewed

CVE-2023-28578 was published Mar 4, 2024

In wlan service, there is a possible out of bounds write due to improper input validation. This... Critical Unreviewed

CVE-2024-20017 was published Mar 4, 2024

Enabling Simple Ajax Uploader plugin included in Laragon open-source software allows for a remote... Critical Unreviewed

CVE-2024-0864 was published Feb 29, 2024

The SE menu contains information used by Lexmark to diagnose device errors. A vulnerability in... Critical Unreviewed

CVE-2023-50737 was published Feb 28, 2024

In attp_build_read_by_type_value_cmd of att_protocol.cc , there is a possible out of bounds write... Critical Unreviewed

CVE-2024-0031 was published Feb 16, 2024

Dell OS10 Networking Switches running 10.5.2.x and above contain an OS command injection... Critical Unreviewed

CVE-2023-32462 was published Feb 15, 2024

Dell Networking Switches running Enterprise SONiC versions 4.1.0, 4.0.5, 3.5.4 and below... Critical Unreviewed

CVE-2023-32484 was published Feb 15, 2024

Improper input validation in Zoom Desktop Client for Windows, Zoom VDI Client for Windows, and... Critical Unreviewed

CVE-2024-24691 was published Feb 14, 2024

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an... Critical Unreviewed

CVE-2024-1369 was published Feb 13, 2024

A command injection vulnerability was identified in GitHub Enterprise Server that allowed an... Critical Unreviewed

CVE-2024-1372 was published Feb 13, 2024

Previous 1 2 3 4 5 … 26 27 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

673 advisories