GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,077
Erlang: 29
GitHub Actions: 19
Go: 1,902
Maven: 5,000+
npm: 3,631
NuGet: 638
pip: 3,246
Pub: 10
RubyGems: 863
Rust: 818
Swift: 35
Unreviewed advisories
All unreviewed: 5,000+
3,207 advisories
UltiMaker Cura slicer versions 5.7.0-beta.1 through 5.7.2 are vulnerable to code injection via...
High, Unreviewed, CVE-2024-8374 was published Sep 3, 2024

D-Link DAP-2310 Hardware A Firmware 1.16RC028 allows remote attackers to execute arbitrary code...
Critical, Unreviewed, CVE-2024-45623 was published Sep 2, 2024

RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via...
Critical, Unreviewed, CVE-2024-41369 was published Aug 29, 2024

RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via...
Critical, Unreviewed, CVE-2024-41368 was published Aug 29, 2024

RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via...
Critical, Unreviewed, CVE-2024-41367 was published Aug 29, 2024

RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via...
Critical, Unreviewed, CVE-2024-41361 was published Aug 29, 2024

RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via...
Critical, Unreviewed, CVE-2024-41366 was published Aug 29, 2024

RPi-Jukebox-RFID v2.7.0 was discovered to contain a remote code execution (RCE) vulnerability via...
Critical, Unreviewed, CVE-2024-41364 was published Aug 29, 2024

Improper Control of Generation of Code ('Code Injection') vulnerability in NitroPack Inc....
Moderate, Unreviewed, CVE-2024-43922 was published Aug 29, 2024

A code execution vulnerability exists in the XiaomiGetApps application product. This...
High, Unreviewed, CVE-2023-26324 was published Aug 28, 2024

A code execution vulnerability exists in the XiaomiGetApps application product. This...
High, Unreviewed, CVE-2023-26322 was published Aug 28, 2024

A code execution vulnerability exists in the XiaomiGetApps application product. This...
High, Unreviewed, CVE-2024-45346 was published Aug 28, 2024

HP Security Manager is potentially vulnerable to Remote Code Execution as a result of code...
Critical, Unreviewed, CVE-2024-7720 was published Aug 27, 2024

The App::cpanminus package through 1.7047 for Perl downloads code via insecure HTTP, enabling...
Critical, Unreviewed, CVE-2024-45321 was published Aug 27, 2024

The Image Hotspot by DevVN plugin for WordPress is vulnerable to PHP Object Injection in all...
High, Unreviewed, CVE-2024-7656 was published Aug 24, 2024

An eval Injection vulnerability in the component invesalius/reader/dicom.py of InVesalius 3.1...
High, Unreviewed, CVE-2024-42845 was published Aug 23, 2024

An issue in Netgear DGN1000WW v.1.1.00.45 allows a remote attacker to execute arbitrary code via...
High, Unreviewed, CVE-2024-42756 was published Aug 23, 2024

Zohocorp ManageEngine OpManager and Remote Monitoring and Management versions 128329 and below...
High, Unreviewed, CVE-2024-5466 was published Aug 23, 2024

The File Manager Pro plugin for WordPress is vulnerable to arbitrary file uploads due to missing...
High, Unreviewed, CVE-2024-7559 was published Aug 23, 2024

SeaCMS 13.0 has a remote code execution vulnerability. The reason for this vulnerability is that...
High, Unreviewed, CVE-2024-42599 was published Aug 22, 2024

SeaCMS 13.0 has a remote code execution vulnerability. The reason for this vulnerability is that...
Moderate, Unreviewed, CVE-2024-42598 was published Aug 20, 2024

A vulnerability, which was classified as critical, has been found in InnoCMS 0.3.1. This issue...
Moderate, Unreviewed, CVE-2024-7899 was published Aug 17, 2024

A Command Injection vulnerability exists in formWriteFacMac of the httpd binary in Tenda AC9 v15...
Critical, Unreviewed, CVE-2024-42634 was published Aug 16, 2024

In TOTOLINK X5000r v9.1.0cu.2350_b20230313, the file /cgi-bin/cstecgi.cgi contains an OS command...
High, Unreviewed, CVE-2024-42739 was published Aug 13, 2024

An issue in D3D Security D3D IP Camera (D8801) v.V9.1.17.1.4-20180428 allows a local attacker to...
Critical, Unreviewed, CVE-2024-41623 was published Aug 13, 2024
ProTip! Advisories are also available from the GraphQL API.