GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 20,704
Composer 4,237
Erlang 31
GitHub Actions 20
Go 2,000
Maven 5,183
npm 3,711
NuGet 661
pip 3,383
Pub 11
RubyGems 885
Rust 849
Swift 36

Unreviewed advisories

All unreviewed 235,477

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

150 advisories

Filter by severity

Sort by

Least recently updated

A vulnerability in the web UI of Cisco SD-WAN vManage Software could allow an authenticated,... Moderate Unreviewed

CVE-2021-1484 was published Nov 15, 2024

Argument injection in Ivanti Connect Secure before version 22.7R2.2 and 9.1R18.9 and Ivanti... Critical Unreviewed

CVE-2024-38656 was published Nov 13, 2024

Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti... Critical Unreviewed

CVE-2024-39711 was published Nov 13, 2024

Argument injection in Ivanti Connect Secure before version 22.7R2 and 9.1R18.7 and Ivanti Policy... Critical Unreviewed

CVE-2024-39710 was published Nov 13, 2024

Argument injection in Ivanti Connect Secure before version 22.7R2.1 and 9.1R18.7 and Ivanti... Critical Unreviewed

CVE-2024-39712 was published Nov 13, 2024

Argument injection in Ivanti Connect Secure before version 22.7R2.1 and Ivanti Policy Secure... Critical Unreviewed

CVE-2024-38655 was published Nov 13, 2024

A vulnerability has been identified in Siemens SINEC Security Monitor (All versions < V4.9.0).... Critical Unreviewed

CVE-2024-47553 was published Oct 8, 2024

A vulnerability in Cisco Nexus Dashboard Fabric Controller (NDFC), formerly Cisco Data Center... Moderate Unreviewed

CVE-2024-20444 was published Oct 2, 2024

The product allows user input to control or influence paths or file names that are used in... Critical Unreviewed

CVE-2024-3980 was published Aug 27, 2024

The Relevanssi Live Ajax Search plugin for WordPress is vulnerable to argument injection in all... Moderate Unreviewed

CVE-2024-7573 was published Aug 28, 2024

Argument injection in websphere_mq agent plugin in Checkmk 2.0.0, 2.1.0, <2.2.0p25 and <2.3.0b5... Moderate Unreviewed

CVE-2024-3367 was published Apr 16, 2024

A vulnerability in the Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones, including the... Moderate Unreviewed

CVE-2024-41710 was published Aug 12, 2024

A vulnerability in the Mitel 6800 Series, 6900 Series, and 6900w Series SIP Phones, including the... Moderate Unreviewed

CVE-2024-41711 was published Aug 13, 2024

A vulnerability on Mitel 6800 Series and 6900 Series SIP Phones, including 6970 Conference Unit,... Moderate Unreviewed

CVE-2024-31966 was published May 2, 2024

Argument Injection Leading to Remote Code Execution in Realtime Graph Extension, allowing... Unknown Unreviewed

CVE-2024-35307 was published Jun 10, 2024

Linux Mint Xreader CBT File Parsing Argument Injection Remote Code Execution Vulnerability. This... High Unreviewed

CVE-2023-44452 was published May 3, 2024

Inductive Automation Ignition getParams Argument Injection Remote Code Execution Vulnerability.... High Unreviewed

CVE-2023-50232 was published May 3, 2024

A server side request forgery vulnerability was identified in GitHub Enterprise Server that... High Unreviewed

CVE-2024-3684 was published Apr 19, 2024

aEnrich Technology a+HRD's functionality for downloading files using youtube-dl.exe does not... Moderate Unreviewed

CVE-2024-3775 was published Apr 15, 2024

In Docker Desktop on Windows before 4.12.0 an argument injection to installer may result in local... High Unreviewed

CVE-2023-0633 was published Sep 25, 2023

A vulnerability in the Connect Mobility Router component of Mitel MiVoice Connect through 9.6... Moderate Unreviewed

CVE-2023-39288 was published Aug 26, 2023

A vulnerability in the Edge Gateway component of Mitel MiVoice Connect through 19.3 SP3 (22.24... Moderate Unreviewed

CVE-2023-39287 was published Aug 26, 2023

There is a command injection problem in the old version of the mobile phone backup app. Critical Unreviewed

CVE-2023-26310 was published Aug 9, 2023

Connected IO v2.1.0 and prior has an argument injection vulnerability in its AT command message... Critical Unreviewed

CVE-2023-33378 was published Aug 4, 2023

Connected IO v2.1.0 and prior has an argument injection vulnerability in its iptables command... Critical Unreviewed

CVE-2023-33376 was published Aug 4, 2023

Previous 1 2 3 4 5 6 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

150 advisories