GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,704
Composer 4,237
Erlang 31
GitHub Actions 20
Go 2,000
Maven 5,183
npm 3,711
NuGet 661
pip 3,383
Pub 11
RubyGems 885
Rust 849
Swift 36

Unreviewed advisories

All unreviewed 235,486

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

150 advisories

Filter by severity

Sort by

Least recently updated

A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated,... Moderate Unreviewed

CVE-2021-1484 was published Nov 15, 2024

Argument injection in Ivanti Connect Secure before version 22.7R2.2 and 9.1R18.9 and Ivanti... Critical Unreviewed

CVE-2024-38656 was published Nov 13, 2024

Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti... Critical Unreviewed

CVE-2024-39711 was published Nov 13, 2024

Argument injection in Ivanti Connect Secure before version 22.7R2 and 9.1R18.7 and Ivanti Policy... Critical Unreviewed

CVE-2024-39710 was published Nov 13, 2024

Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti... Critical Unreviewed

CVE-2024-39712 was published Nov 13, 2024

Argument injection in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure... Critical Unreviewed

CVE-2024-38655 was published Nov 13, 2024

A vulnerability has been identified in Siemens SINEC Security Monitor (All versions < V4.9.0).... Critical Unreviewed

CVE-2024-47553 was published Oct 8, 2024

A vulnerability in Cisco Nexus Dashboard Fabric Controller (NDFC), formerly Cisco Data Center... Moderate Unreviewed

CVE-2024-20444 was published Oct 2, 2024

The Relevanssi Live Ajax Search plugin for WordPress is vulnerable to argument injection in all... Moderate Unreviewed

CVE-2024-7573 was published Aug 28, 2024

The product allows user input to control or influence paths or file names that are used in... Critical Unreviewed

CVE-2024-3980 was published Aug 27, 2024

A vulnerability in the Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones, including the... Moderate Unreviewed

CVE-2024-41711 was published Aug 13, 2024

A vulnerability in the Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones, including the... Moderate Unreviewed

CVE-2024-41710 was published Aug 12, 2024

Argument Injection Leading to Remote Code Execution in Realtime Graph Extension, allowing... Unknown Unreviewed

CVE-2024-35307 was published Jun 10, 2024

Inductive Automation Ignition getParams Argument Injection Remote Code Execution Vulnerability.... High Unreviewed

CVE-2023-50232 was published May 3, 2024

Linux Mint Xreader CBT File Parsing Argument Injection Remote Code Execution Vulnerability. This... High Unreviewed

CVE-2023-44452 was published May 3, 2024

A vulnerability on Mitel 6800 Series and 6900 Series SIP Phones, including 6970 Conference Unit,... Moderate Unreviewed

CVE-2024-31966 was published May 2, 2024

A server side request forgery vulnerability was identified in GitHub Enterprise Server that... High Unreviewed

CVE-2024-3684 was published Apr 19, 2024

Argument injection in websphere_mq agent plugin in Checkmk 2.0.0, 2.1.0, <2.2.0p25 and <2.3.0b5... Moderate Unreviewed

CVE-2024-3367 was published Apr 16, 2024

aEnrich Technology a+HRD's functionality for downloading files using youtube-dl.exe does not... Moderate Unreviewed

CVE-2024-3775 was published Apr 15, 2024

A remote, unauthenticated attacker may be able to send crafted messages to the web server of the... High Unreviewed

CVE-2024-22182 was published Mar 1, 2024

A vulnerability in the application CLI of Cisco Prime Infrastructure and Cisco Evolved... Moderate Unreviewed

CVE-2023-20260 was published Jan 17, 2024

A vulnerability in the web-based management interface of the Cisco WAP371 Wireless-AC/N Dual... Moderate Unreviewed

CVE-2024-20287 was published Jan 17, 2024

Apache OpenOffice documents can contain links that call internal macros with arbitrary arguments.... High Unreviewed

CVE-2023-47804 was published Dec 29, 2023

Improper neutralization of argument delimiters in a command ('Argument Injection') vulnerability... High Unreviewed

CVE-2023-46681 was published Dec 26, 2023

An OS command injection vulnerability in the XML API of Palo Alto Networks PAN-OS software... Moderate Unreviewed

CVE-2023-6792 was published Dec 13, 2023

Previous 1 2 3 4 5 6 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

150 advisories