GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,110 advisories

CasaOS Command Injection vulnerability
High | CVE-2023-37469 was published for github.com/IceWhaleTech/CasaOS (Go) | Aug 5, 2024

Improper filtering of special characters results in a command ('command injection') vulnerability...
Critical | Unreviewed | CVE-2024-7397 was published | Aug 5, 2024

A vulnerability, which was classified as critical, has been found in TOTOLINK CP900 6.3c.566....
Moderate | Unreviewed | CVE-2024-7464 was published | Aug 5, 2024

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability classified as critical has been found in Vivotek...
Moderate | Unreviewed | CVE-2024-7443 was published | Aug 3, 2024

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Vivotek SD9364 VVTK-0103f. It has...
Moderate | Unreviewed | CVE-2024-7442 was published | Aug 3, 2024

** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in Vivotek CC8160 VVTK-0100d. It has...
Moderate | Unreviewed | CVE-2024-7440 was published | Aug 3, 2024

A vulnerability, which was classified as critical, has been found in D-Link DI-8100 16.07. This...
Moderate | Unreviewed | CVE-2024-7436 was published | Aug 3, 2024

Commands can be injected over the network and executed without authentication.
High | Unreviewed | CVE-2024-7029 was published | Aug 2, 2024

A vulnerability was found in TOTOLINK LR1200 9.3.1cu.2832 and classified as critical. Affected by...
Moderate | Unreviewed | CVE-2024-7215 was published | Jul 30, 2024

A vulnerability has been found in TOTOLINK LR350 9.3.5u.6369_B20220309 and classified as critical...
Moderate | Unreviewed | CVE-2024-7214 was published | Jul 30, 2024

RaspAP allows an attacker to escalate privileges
Critical | CVE-2024-41637 was published for billz/raspap-webgui (Composer) | Jul 29, 2024

A vulnerability classified as critical was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. This...
Moderate | Unreviewed | CVE-2024-7181 was published | Jul 29, 2024

A vulnerability was found in TOTOLINK A3600R 4.1.2cu.5182_B20201102. It has been classified as...
High | Unreviewed | CVE-2024-7177 was published | Jul 29, 2024

A vulnerability, which was classified as critical, was found in TOTOLINK A3600R 4.1.2cu...
High | Unreviewed | CVE-2024-7174 was published | Jul 29, 2024

A vulnerability was found in TOTOLINK A3100R 4.1.2cu.5050_B20200504. It has been declared as...
Moderate | Unreviewed | CVE-2024-7158 was published | Jul 28, 2024

A vulnerability classified as critical has been found in TOTOLINK A3700R 9.1.2u.5822_B20200513....
Moderate | Unreviewed | CVE-2024-7160 was published | Jul 28, 2024

Starship vulnerable to shell injection via undocumented, unpredictable shell expansion in custom commands
High | CVE-2024-41815 was published for starship (Rust) | Jul 26, 2024

An authenticated command injection vulnerability exists in the HPE Aruba Networking EdgeConnect...
Moderate | Unreviewed | CVE-2024-41136 was published | Jul 24, 2024

A vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN gateway's Command Line...
High | Unreviewed | CVE-2024-41135 was published | Jul 24, 2024

A vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN gateway's Command Line...
High | Unreviewed | CVE-2024-41133 was published | Jul 24, 2024

A vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN gateway's Command Line...
High | Unreviewed | CVE-2024-41134 was published | Jul 24, 2024

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability...
Critical | Unreviewed | CVE-2024-41319 was published | Jul 23, 2024

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability...
High | Unreviewed | CVE-2024-41320 was published | Jul 22, 2024

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability...
Critical | Unreviewed | CVE-2024-41318 was published | Jul 22, 2024

TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability...
Critical | Unreviewed | CVE-2024-41316 was published | Jul 22, 2024

ProTip! Advisories are also available from the GraphQL API.