GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,273
Erlang
31
GitHub Actions
21
Go
2,055
Maven
5,000+
npm
3,739
NuGet
668
pip
3,417
Pub
12
RubyGems
891
Rust
872
Swift
36
Unreviewed advisories
All unreviewed
5,000+
2,368 advisories
Filter by severity
There is a command injection vulnerability in Huawei terminal printer product. Successful...
Critical
Unreviewed
CVE-2022-32203
was published
Dec 20, 2024
In a specific scenario a LDAP user can abuse the authentication process in OpenText Privileged...
High
Unreviewed
CVE-2024-12111
was published
Dec 19, 2024
A command injection vulnerability has been reported to affect several QNAP operating system...
Moderate
Unreviewed
CVE-2023-23356
was published
Dec 19, 2024
In ThreatQuotient ThreatQ before 5.29.3, authenticated users are able to execute arbitrary...
High
Unreviewed
CVE-2024-39703
was published
Dec 18, 2024
Databricks JDBC Driver Command Injection vulnerability
High
CVE-2024-49194
was published
for
com.databricks:databricks-jdbc
(Maven)
Dec 17, 2024
A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support...
Critical
Unreviewed
CVE-2024-12356
was published
Dec 17, 2024
An issue was discovered in Logpoint before 7.5.0. Authenticated users can inject payloads while...
Moderate
Unreviewed
CVE-2024-56085
was published
Dec 16, 2024
An issue was discovered in Logpoint before 7.5.0. Authenticated users can inject payloads while...
Moderate
Unreviewed
CVE-2024-56087
was published
Dec 16, 2024
An issue was discovered in Logpoint before 7.5.0. Authenticated users can inject payloads in...
High
Unreviewed
CVE-2024-56086
was published
Dec 16, 2024
An issue was discovered in Logpoint UniversalNormalizer before 5.7.0. Authenticated users can...
High
Unreviewed
CVE-2024-56084
was published
Dec 16, 2024
In Cleo Harmony before 5.8.0.24, VLTrader before 5.8.0.24, and LexiCom before 5.8.0.24, an...
Critical
Unreviewed
CVE-2024-55956
was published
Dec 13, 2024
Dell ThinOS version 2408 contains an Improper Neutralization of Special Elements used in a...
High
Unreviewed
CVE-2024-53290
was published
Dec 11, 2024
A vulnerability was found in EnGenius ENH1350EXT, ENS500-AC and ENS620EXT up to 20241118. It has...
Moderate
Unreviewed
CVE-2024-11651
was published
Dec 11, 2024
A vulnerability was found in EnGenius ENH1350EXT, ENS500-AC and ENS620EXT up to 20241118. It has...
Moderate
Unreviewed
CVE-2024-11652
was published
Dec 11, 2024
Command injection in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure...
Critical
Unreviewed
CVE-2024-11634
was published
Dec 10, 2024
Command injection in the admin web console of Ivanti CSA before version 5.0.3 allows a remote...
Critical
Unreviewed
CVE-2024-11772
was published
Dec 10, 2024
Missing input validation in the ORing IAP-420 web-interface allows stored Cross-Site Scripting ...
High
Unreviewed
CVE-2024-55544
was published
Dec 10, 2024
SNMP objects in NET-SNMP used in ORing IAP-420 allows Command Injection. This issue affects IAP...
Critical
Unreviewed
CVE-2024-55547
was published
Dec 10, 2024
An injection vulnerability in Barco ClickShare CX-30/20, C-5/10, and ClickShare Bar Pro and Core...
High
Unreviewed
CVE-2024-53919
was published
Dec 10, 2024
A vulnerability was found in WeiYe-Jing datax-web 2.1.1. It has been classified as critical. This...
Moderate
Unreviewed
CVE-2024-12358
was published
Dec 9, 2024
An OS command injection vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If...
Critical
Unreviewed
CVE-2024-50388
was published
Dec 6, 2024
An issue in Beijing Digital China Yunke Information Technology Co.Ltd v.7.2.6.120 allows a remote...
High
Unreviewed
CVE-2024-51114
was published
Dec 3, 2024
A vulnerability in the ClearPass Policy Manager web-based management interface allows remote...
Moderate
Unreviewed
CVE-2024-53672
was published
Dec 3, 2024
An authenticated RCE vulnerability in the ClearPass Policy Manager web-based management interface...
Moderate
Unreviewed
CVE-2024-51772
was published
Dec 3, 2024
A vulnerability in the HPE Aruba Networking ClearPass Policy Manager web-based management...
High
Unreviewed
CVE-2024-51771
was published
Dec 3, 2024
ProTip!
Advisories are also available from the
GraphQL API