GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,577
Composer 4,992
Erlang 39
GitHub Actions 38
Go 2,634
Maven 6,103
npm 4,258
NuGet 760
pip 4,051
Pub 12
RubyGems 955
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,294

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,072 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Tenda ac9 v1.0 firmware v15.03.05.19 is vulnerable to command injection in /goform/SetSambaCfg,... Critical Unreviewed

CVE-2025-22949 was published Jan 10, 2025

Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the... Critical Unreviewed

CVE-2024-57223 was published Jan 10, 2025

Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the... Critical Unreviewed

CVE-2024-57224 was published Jan 10, 2025

Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the... Critical Unreviewed

CVE-2024-57225 was published Jan 10, 2025

A vulnerability exits in driver SmSerl64.sys in Motorola SM56 Modem WDM Driver v6.12.23.0, which... Critical Unreviewed

CVE-2024-55414 was published Jan 7, 2025

There is a command injection vulnerability in Huawei terminal printer product. Successful... Critical Unreviewed

CVE-2022-32203 was published Dec 20, 2024

SeaCMS <=13.0 is vulnerable to command execution in phome.php via the function... Critical Unreviewed

CVE-2024-55461 was published Dec 19, 2024

A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support... Critical Unreviewed

CVE-2024-12356 was published Dec 17, 2024

In Cleo Harmony before 5.8.0.24, VLTrader before 5.8.0.24, and LexiCom before 5.8.0.24, an... Critical Unreviewed

CVE-2024-55956 was published Dec 13, 2024

Command injection in the admin web console of Ivanti CSA before version 5.0.3 allows a remote... Critical Unreviewed

CVE-2024-11772 was published Dec 10, 2024

Command injection in Ivanti Connect Secure before version 22.7R2.3 and Ivanti Policy Secure... Critical Unreviewed

CVE-2024-11634 was published Dec 10, 2024

SNMP objects in NET-SNMP used in ORing IAP-420 allows Command Injection. This issue affects IAP... Critical Unreviewed

CVE-2024-55547 was published Dec 10, 2024

An OS command injection vulnerability has been reported to affect HBS 3 Hybrid Backup Sync. If... Critical Unreviewed

CVE-2024-50388 was published Dec 6, 2024

An OS command injection vulnerability has been reported to affect several product versions. If... Critical Unreviewed

CVE-2024-48860 was published Nov 22, 2024

An LDAP injection vulnerability in the login page of Gladinet CentreStack v13.12.9934.54690... Critical Unreviewed

CVE-2024-37782 was published Nov 22, 2024

D-Link DI-8200 16.07.26A1 is vulnerable to remote command execution in the msp_info_htm function... Critical Unreviewed

CVE-2024-51151 was published Nov 22, 2024

An issue in Kasda LinkSmart Router KW5515 v1.7 and before allows an authenticated remote attacker... Critical Unreviewed

CVE-2024-33439 was published Nov 20, 2024

Multiple OS Command Injection vulnerabilities affecting Kasda KW6512 router software version... Critical Unreviewed

CVE-2024-29292 was published Nov 20, 2024

Improper neutralization of special elements used in a command ('Command Injection') vulnerability... Critical Unreviewed

CVE-2024-10443 was published Nov 15, 2024

An issue in DLink DWR 2000M 5G CPE With Wifi 6 Ax1800 and Dlink DWR 5G CPE DWR-2000M_1.34ME... Critical Unreviewed

CVE-2024-28729 was published Nov 13, 2024

Sublime Text 4 was discovered to contain a command injection vulnerability via the New Build... Critical Unreviewed

CVE-2024-25255 was published Nov 12, 2024

A vulnerability in the web-based management interface of Cisco Unified Industrial Wireless... Critical Unreviewed

CVE-2024-20418 was published Nov 6, 2024

Command injection vulnerability in the underlying CLI service could lead to unauthenticated... Critical Unreviewed

CVE-2024-47460 was published Nov 6, 2024

Command injection vulnerability in the underlying CLI service could lead to unauthenticated... Critical Unreviewed

CVE-2024-42509 was published Nov 6, 2024

An issue in Lens Visual integration with Power BI v.4.0.0.3 allows a remote attacker to execute... Critical Unreviewed

CVE-2024-48746 was published Nov 6, 2024

Previous 1…5…43 Next

Previous 1 2 3 4 5 6 7 … 42 43 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,072 advisories