Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
61
GitHub Actions
50
Go
3,821
Maven
5,000+
npm
5,000+
NuGet
939
pip
5,000+
Pub
13
RubyGems
1,059
Rust
1,357
Swift
54
Unreviewed advisories
All unreviewed
5,000+

30,221 advisories

Loading
Tenda AX9 V22.03.01.46 is vulnerable to command injection. Critical Unreviewed
CVE-2023-49435 was published Dec 7, 2023
Tenda AX9 V22.03.01.46 has been found to contain a stack overflow vulnerability in the 'list'... Critical Unreviewed
CVE-2023-49434 was published Dec 7, 2023
Tenda AX9 V22.03.01.46 was discovered to contain a SQL command injection vulnerability in the ... Critical Unreviewed
CVE-2023-49429 was published Dec 7, 2023
Tenda W30E V16.01.0.12(4843) was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2023-49403 was published Dec 7, 2023
Tenda AX9 V22.03.01.46 has been discovered to contain a command injection vulnerability in the ... Critical Unreviewed
CVE-2023-49436 was published Dec 7, 2023
Tenda W30E V16.01.0.12(4843) was discovered to contain a stack overflow via the function via the... Critical Unreviewed
CVE-2023-49410 was published Dec 7, 2023
Tenda AX9 V22.03.01.46 has been found to contain a stack overflow vulnerability in the 'list'... Critical Unreviewed
CVE-2023-49433 was published Dec 7, 2023
Tenda W30E V16.01.0.12(4843) was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2023-49999 was published Dec 7, 2023
Tenda AX9 V22.03.01.46 has been found to contain a stack overflow vulnerability in the 'list'... Critical Unreviewed
CVE-2023-49430 was published Dec 7, 2023
Tenda AX9 V22.03.01.46 has been found to contain a stack overflow vulnerability in the ... Critical Unreviewed
CVE-2023-49432 was published Dec 7, 2023
Tenda AX12 V22.03.01.46 was discovered to contain a stack overflow via the list parameter at ... Critical Unreviewed
CVE-2023-49424 was published Dec 7, 2023
Tenda AX12 V22.03.01.46 has been discovered to contain a command injection vulnerability in the ... Critical Unreviewed
CVE-2023-49428 was published Dec 7, 2023
The affected devices transmit sensitive information unencrypted allowing a remote unauthenticated... Critical Unreviewed
CVE-2023-39172 was published Dec 7, 2023
The affected devices use publicly available default credentials with administrative privileges. Critical Unreviewed
CVE-2023-39169 was published Dec 7, 2023
Tenda AX12 V22.03.01.46 was discovered to contain a stack overflow via the list parameter at ... Critical Unreviewed
CVE-2023-49426 was published Dec 7, 2023
Tenda AX12 V22.03.01.46 was discovered to contain a stack overflow via the deviceList parameter... Critical Unreviewed
CVE-2023-49425 was published Dec 7, 2023
Tenda AX12 V22.03.01.46 has been discovered to contain a command injection vulnerability in the ... Critical Unreviewed
CVE-2023-49437 was published Dec 7, 2023
Improper Restriction of Excessive Authentication Attempts vulnerability in Be Devious Web... Critical Unreviewed
CVE-2023-35039 was published Dec 7, 2023
Apache Struts vulnerable to path traversal Critical
CVE-2023-50164 was published for org.apache.struts:struts2-core (Maven) Dec 7, 2023
yoshizawa-masatoshi Credited to yoshizawa-masatoshi and henrikplate henrikplate henrikplate
TOTOLINK N300RT version 3.2.4-B20180730.0906 has a post-authentication RCE due to incorrect... Critical Unreviewed
CVE-2023-48860 was published Dec 7, 2023
A Blind SQL injection issue in ajax.php in GaatiTrack Courier Management System 1.0 allows an... Critical Unreviewed
CVE-2023-48823 was published Dec 7, 2023
strongSwan before 5.9.12 has a buffer overflow and possible unauthenticated remote code execution... Critical Unreviewed
CVE-2023-41913 was published Dec 7, 2023
The Burst Statistics – Privacy-Friendly Analytics for WordPress plugin for WordPress is... Critical Unreviewed
CVE-2023-5761 was published Dec 7, 2023
In the module "Product Tag Icons Pro" (ticons) before 1.8.4 from MyPresta.eu for PrestaShop, a... Critical Unreviewed
CVE-2023-46353 was published Dec 7, 2023
The login REST API in ProLion CryptoSpike 3.0.15P2 (when LDAP or Active Directory is used as the... Critical Unreviewed
CVE-2023-36655 was published Dec 6, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database