Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,023
Erlang
29
GitHub Actions
16
Go
1,830
Maven
5,000+
npm
3,573
NuGet
632
pip
3,155
Pub
10
RubyGems
847
Rust
796
Swift
34
Unreviewed advisories
All unreviewed
5,000+

2,110 advisories

Loading
CasaOS Command Injection vulnerability High
CVE-2023-37469 was published for github.com/IceWhaleTech/CasaOS (Go) Aug 5, 2024
Improper filering of special characters result in a command ('command injection') vulnerability... Critical Unreviewed
CVE-2024-7397 was published Aug 5, 2024
A vulnerability, which was classified as critical, has been found in TOTOLINK CP900 6.3c.566.... Moderate Unreviewed
CVE-2024-7464 was published Aug 5, 2024
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as critical has been found in Vivotek... Moderate Unreviewed
CVE-2024-7443 was published Aug 3, 2024
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Vivotek SD9364 VVTK-0103f. It has... Moderate Unreviewed
CVE-2024-7442 was published Aug 3, 2024
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Vivotek CC8160 VVTK-0100d. It has... Moderate Unreviewed
CVE-2024-7440 was published Aug 3, 2024
A vulnerability, which was classified as critical, has been found in D-Link DI-8100 16.07. This... Moderate Unreviewed
CVE-2024-7436 was published Aug 3, 2024
Commands can be injected over the network and executed without authentication. High Unreviewed
CVE-2024-7029 was published Aug 2, 2024
A vulnerability was found in TOTOLINK LR1200 9.3.1cu.2832 and classified as critical. Affected by... Moderate Unreviewed
CVE-2024-7215 was published Jul 30, 2024
A vulnerability has been found in TOTOLINK LR350 9.3.5u.6369_B20220309 and classified as critical... Moderate Unreviewed
CVE-2024-7214 was published Jul 30, 2024
RaspAP allows an attacker to escalate privileges Critical
CVE-2024-41637 was published for billz/raspap-webgui (Composer) Jul 29, 2024
A vulnerability classified as critical was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. This... Moderate Unreviewed
CVE-2024-7181 was published Jul 29, 2024
A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. It has been classified as... High Unreviewed
CVE-2024-7177 was published Jul 29, 2024
A vulnerability, which was classified as critical, was found in TOTOLINK A3600R 4.1.2cu... High Unreviewed
CVE-2024-7174 was published Jul 29, 2024
A vulnerability was found in TOTOLINK A3100R 4.1.2cu.5050_B20200504. It has been declared as... Moderate Unreviewed
CVE-2024-7158 was published Jul 28, 2024
A vulnerability classified as critical has been found in TOTOLINK A3700R 9.1.2u.5822_B20200513.... Moderate Unreviewed
CVE-2024-7160 was published Jul 28, 2024
Starship vulnerable to shell injection via undocumented, unpredictable shell expansion in custom commands High
CVE-2024-41815 was published for starship (Rust) Jul 26, 2024
evanbattaglia
An authenticated command injection vulnerability exists in the HPE Aruba Networking EdgeConnect... Moderate Unreviewed
CVE-2024-41136 was published Jul 24, 2024
A vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN gateway's Command Line... High Unreviewed
CVE-2024-41135 was published Jul 24, 2024
A vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN gateway's Command Line... High Unreviewed
CVE-2024-41133 was published Jul 24, 2024
A vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN gateway's Command Line... High Unreviewed
CVE-2024-41134 was published Jul 24, 2024
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability... Critical Unreviewed
CVE-2024-41319 was published Jul 23, 2024
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability... High Unreviewed
CVE-2024-41320 was published Jul 22, 2024
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability... Critical Unreviewed
CVE-2024-41318 was published Jul 22, 2024
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability... Critical Unreviewed
CVE-2024-41316 was published Jul 22, 2024
ProTip! Advisories are also available from the GraphQL API