Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,087
Maven
5,000+
npm
3,751
NuGet
674
pip
3,437
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

960 advisories

Loading
DrayTek Vigor3900 1.5.1.3 allows attackers to inject malicious commands into mainfunction.cgi and... High Unreviewed
CVE-2024-51257 was published Oct 30, 2024
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and... High Unreviewed
CVE-2024-51301 was published Oct 30, 2024
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and... High Unreviewed
CVE-2024-51296 was published Oct 30, 2024
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and... High Unreviewed
CVE-2024-51300 was published Oct 30, 2024
In Draytek Vigor3900 1.5.1.3, attackers can inject malicious commands into mainfunction.cgi and... High Unreviewed
CVE-2024-51304 was published Oct 30, 2024
Command injection vulnerability in the Edge Computing UI for the TRO600 series radios that allows... High Unreviewed
CVE-2024-41153 was published Oct 29, 2024
A vulnerability classified as critical has been found in WAVLINK WN530H4, WN530HG4 and WN572HG3... High Unreviewed
CVE-2024-10429 was published Oct 27, 2024
A vulnerability was found in WAVLINK WN530H4, WN530HG4 and WN572HG3 up to 20221028. It has been... High Unreviewed
CVE-2024-10428 was published Oct 27, 2024
A prompt injection vulnerability in the chatbox of Butterfly Effect Limited Monica ChatGPT AI... High Unreviewed
CVE-2024-48142 was published Oct 24, 2024
A prompt injection vulnerability in the chatbox of Blackbox AI v1.3.95 allows attackers to access... High Unreviewed
CVE-2024-48139 was published Oct 24, 2024
A prompt injection vulnerability in the chatbox of Butterfly Effect Limited Monica Your AI... High Unreviewed
CVE-2024-48140 was published Oct 24, 2024
A prompt injection vulnerability in the chatbox of Zhipu AI CodeGeeX v2.17.0 allows attackers to... High Unreviewed
CVE-2024-48141 was published Oct 24, 2024
Shenzhen Tuoshi Network Communications Co.,Ltd 5G CPE Router NR500-EA RG500UEAABxCOMSLICv3.2.2543... High Unreviewed
CVE-2024-48440 was published Oct 24, 2024
Wuhan Tianyu Information Industry Co., Ltd Tianyu CPE Router CommonCPExCPETS_v3.2.468.11.04_P4... High Unreviewed
CVE-2024-48441 was published Oct 24, 2024
Netgear EX6120 v1.0.0.68, Netgear EX6100 v1.0.2.28, and Netgear EX3700 v1.0.0.96 are vulnerable... High Unreviewed
CVE-2024-35519 was published Oct 15, 2024
Netgear EX6120 v1.0.0.68 is vulnerable to Command Injection in genie_fix2.cgi via the... High Unreviewed
CVE-2024-35518 was published Oct 15, 2024
Netgear R7000 1.0.11.136 is vulnerable to Command Injection in RMT_invite.cgi via device_name2... High Unreviewed
CVE-2024-35520 was published Oct 15, 2024
Netgear XR1000 v1.0.0.64 is vulnerable to command injection in usb_remote_smb_conf.cgi via the... High Unreviewed
CVE-2024-35517 was published Oct 12, 2024
Netgear EX3700 ' AC750 WiFi Range Extender Essentials Edition before 1.0.0.98 contains an... High Unreviewed
CVE-2024-35522 was published Oct 12, 2024
A vulnerability was discovered in DI_8200-16.07.26A1, which has been classified as critical. This... High Unreviewed
CVE-2024-44413 was published Oct 11, 2024
In Progress Telerik Reporting versions prior to 2024 Q3 (2024.3.924), a command injection attack... High Unreviewed
CVE-2024-7840 was published Oct 9, 2024
Azure Command Line Integration (CLI) Elevation of Privilege Vulnerability High Unreviewed
CVE-2024-43591 was published Oct 8, 2024
Visual Studio Code for Linux Remote Code Execution Vulnerability High Unreviewed
CVE-2024-43601 was published Oct 8, 2024
An OS command injection vulnerability in the admin web console of Ivanti CSA before version 5.0.2... High Unreviewed
CVE-2024-9380 was published Oct 8, 2024
Scriptcase 9.10.023 and before is vulnerable to Remote Code Execution (RCE) via the nm_unzip... High Unreviewed
CVE-2024-46084 was published Oct 1, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database