GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,603
Composer 5,006
Erlang 39
GitHub Actions 38
Go 2,636
Maven 6,104
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,816

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

4,102 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

An OS command injection vulnerability in the admin web console of Ivanti CSA before version 5.0.2... High Unreviewed

CVE-2024-9380 was published Oct 8, 2024

An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated... Critical Unreviewed

CVE-2024-9463 was published Oct 9, 2024

An issue was discovered in Aviatrix Controller before 7.1.4191 and 7.2.x before 7.2.4996. Due to... Critical Unreviewed

CVE-2024-50603 was published Jan 8, 2025

Certain EOL GeoVision devices have an OS Command Injection vulnerability. Unauthenticated remote... Critical Unreviewed

CVE-2024-11120 was published Nov 15, 2024

**UNSUPPORTED WHEN ASSIGNED** A post-authentication command injection vulnerability in the... High Unreviewed

CVE-2024-40891 was published Feb 4, 2025

Certain EOL GeoVision devices fail to properly filter user input for the specific functionality.... Critical Unreviewed

CVE-2024-6047 was published Jun 17, 2024

In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache... Critical Unreviewed

CVE-2024-4577 was published Jun 9, 2024

Unauthenticated remote attackers can access the system through the LoadMaster management... Critical Unreviewed

CVE-2024-1212 was published Feb 21, 2024

An OS command injection vulnerability has been found to affect legacy QNAP VioStor NVR models... High Unreviewed

CVE-2023-47565 was published Dec 8, 2023

A vulnerability in the web UI feature of Cisco IOS XE Software could allow an authenticated,... High Unreviewed

CVE-2023-20273 was published Oct 25, 2023

ASUS RT-AX55 v3.0.0.4.386.51598 was discovered to contain an authenticated command injection... High Unreviewed

CVE-2023-39780 was published Sep 11, 2023

OS Command injection vulnerability in D-Link DIR820LA1_FW105B03 allows attackers to escalate... Critical Unreviewed

CVE-2023-25280 was published Mar 16, 2023

SolarView Compact ver.6.00 was discovered to contain a command injection vulnerability via... Critical Unreviewed

CVE-2022-29303 was published May 13, 2022

Zoho ManageEngine ADSelfService Plus before 6122 allows an authenticated user to achieve remote... High Unreviewed

CVE-2022-28810 was published Apr 19, 2022

A command injection vulnerability in the web server of some Hikvision product. Due to the... Critical Unreviewed

CVE-2021-36260 was published May 24, 2022

An OS command injection vulnerability exists in the device network settings functionality of... Critical Unreviewed

CVE-2021-40407 was published Jan 29, 2022

Yealink Device Management (DM) 3.6.0.20 allows command injection as root via the /sm/api/v1... Critical Unreviewed

CVE-2021-27561 was published May 24, 2022

SAP NetWeaver (Visual Composer 7.0 RT) versions - 7.30, 7.31, 7.40, 7.50, without restriction, an... High Unreviewed

CVE-2021-38163 was published May 24, 2022

Realtek Jungle SDK version v2.x up to v3.4.14B provides a diagnostic tool called 'MP Daemon' that... Critical Unreviewed

CVE-2021-35394 was published May 24, 2022

Improper Input Validation vulnerability in N-able N-central allows OS Command Injection.This... Critical Unreviewed

CVE-2025-8876 was published Aug 14, 2025

The authenticated remote command execution (RCE) vulnerability exists in the Parental Control... High Unreviewed

CVE-2025-9377 was published Aug 29, 2025

A vulnerability in Trend Micro Apex One (on-premise) management console could allow a pre... Critical Unreviewed

CVE-2025-54948 was published Aug 5, 2025

Edimax IC-7100 does not properly neutralize requests. An attacker can create specially crafted... Critical Unreviewed

CVE-2025-1316 was published Mar 5, 2025

A privilege escalation vulnerability in Palo Alto Networks PAN-OS software allows a PAN-OS... Moderate Unreviewed

CVE-2024-9474 was published Nov 18, 2024

A vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support (RS)... Moderate Unreviewed

CVE-2024-12686 was published Dec 18, 2024

Previous 1…7…165 Next

Previous 1 2 … 5 6 7 8 9 … 164 165 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

4,102 advisories