GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,279
Erlang
31
GitHub Actions
21
Go
2,056
Maven
5,000+
npm
3,740
NuGet
668
pip
3,421
Pub
12
RubyGems
891
Rust
873
Swift
36
Unreviewed advisories
All unreviewed
5,000+
2,372 advisories
Filter by severity
A vulnerability, which was classified as critical, has been found in DrayTek Vigor2960 and...
Moderate
Unreviewed
CVE-2024-12986
was published
Dec 27, 2024
A vulnerability, which was classified as critical, was found in DrayTek Vigor2960 and Vigor300B 1...
Moderate
Unreviewed
CVE-2024-12987
was published
Dec 27, 2024
A vulnerability classified as critical was found in Overtek OT-E801G OTE801G65.1.1.0. This...
Moderate
Unreviewed
CVE-2024-12985
was published
Dec 27, 2024
A command injection is possible through the user interface, allowing arbitrary command execution...
High
Unreviewed
CVE-2020-13712
was published
Dec 21, 2024
There is a command injection vulnerability in Huawei terminal printer product. Successful...
Critical
Unreviewed
CVE-2022-32203
was published
Dec 20, 2024
In a specific scenario a LDAP user can abuse the authentication process in OpenText Privileged...
High
Unreviewed
CVE-2024-12111
was published
Dec 19, 2024
A command injection vulnerability has been reported to affect several QNAP operating system...
Moderate
Unreviewed
CVE-2023-23356
was published
Dec 19, 2024
In ThreatQuotient ThreatQ before 5.29.3, authenticated users are able to execute arbitrary...
High
Unreviewed
CVE-2024-39703
was published
Dec 18, 2024
Databricks JDBC Driver Command Injection vulnerability
High
CVE-2024-49194
was published
for
com.databricks:databricks-jdbc
(Maven)
Dec 17, 2024
A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support...
Critical
Unreviewed
CVE-2024-12356
was published
Dec 17, 2024
An issue was discovered in Logpoint before 7.5.0. Authenticated users can inject payloads while...
Moderate
Unreviewed
CVE-2024-56085
was published
Dec 16, 2024
An issue was discovered in Logpoint before 7.5.0. Authenticated users can inject payloads in...
High
Unreviewed
CVE-2024-56086
was published
Dec 16, 2024
An issue was discovered in Logpoint before 7.5.0. Authenticated users can inject payloads while...
Moderate
Unreviewed
CVE-2024-56087
was published
Dec 16, 2024
An issue was discovered in Logpoint UniversalNormalizer before 5.7.0. Authenticated users can...
High
Unreviewed
CVE-2024-56084
was published
Dec 16, 2024
In Cleo Harmony before 5.8.0.24, VLTrader before 5.8.0.24, and LexiCom before 5.8.0.24, an...
Critical
Unreviewed
CVE-2024-55956
was published
Dec 13, 2024
Dell ThinOS version 2408 contains an Improper Neutralization of Special Elements used in a...
High
Unreviewed
CVE-2024-53290
was published
Dec 11, 2024
A vulnerability was found in EnGenius ENH1350EXT, ENS500-AC and ENS620EXT up to 20241118. It has...
Moderate
Unreviewed
CVE-2024-11651
was published
Dec 11, 2024
A vulnerability was found in EnGenius ENH1350EXT, ENS500-AC and ENS620EXT up to 20241118. It has...
Moderate
Unreviewed
CVE-2024-11652
was published
Dec 11, 2024
Command injection in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure...
Critical
Unreviewed
CVE-2024-11634
was published
Dec 10, 2024
Command injection in the admin web console of Ivanti CSA before version 5.0.3 allows a remote...
Critical
Unreviewed
CVE-2024-11772
was published
Dec 10, 2024
Missing input validation in the ORing IAP-420 web-interface allows stored Cross-Site Scripting ...
High
Unreviewed
CVE-2024-55544
was published
Dec 10, 2024
SNMP objects in NET-SNMP used in ORing IAP-420 allows Command Injection. This issue affects IAP...
Critical
Unreviewed
CVE-2024-55547
was published
Dec 10, 2024
An injection vulnerability in Barco ClickShare CX-30/20, C-5/10, and ClickShare Bar Pro and Core...
High
Unreviewed
CVE-2024-53919
was published
Dec 10, 2024
A vulnerability was found in WeiYe-Jing datax-web 2.1.1. It has been classified as critical. This...
Moderate
Unreviewed
CVE-2024-12358
was published
Dec 9, 2024
An OS command injection vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If...
Critical
Unreviewed
CVE-2024-50388
was published
Dec 6, 2024
ProTip!
Advisories are also available from the
GraphQL API