Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,645
Maven
5,000+
npm
4,271
NuGet
760
pip
4,065
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

4,105 advisories

Loading
emacsclient-mail.desktop in Emacs 28.1 through 28.2 is vulnerable to shell command injections... Critical Unreviewed
CVE-2023-27985 was published Mar 9, 2023
t0mer BroadlinkManager v5.9.1 was discovered to contain an OS command injection vulnerability via... Moderate Unreviewed
CVE-2025-26320 was published Mar 4, 2025
A command injection vulnerability has been reported to affect several QNAP operating system... Moderate Unreviewed
CVE-2024-53692 was published Mar 7, 2025
On Barracuda CloudGen WAN Private Edge Gateway devices before 8 webui-sdwan-1089-8.3.1-174141891,... High Unreviewed
CVE-2023-26213 was published Mar 4, 2023
A post-authentication command injection vulnerability in the ”zyUtilMailSend” function of the... High Unreviewed
CVE-2024-12010 was published Mar 11, 2025
A post-authentication command injection vulnerability in the "DNSServer” parameter of the... High Unreviewed
CVE-2024-11253 was published Mar 11, 2025
A post-authentication command injection vulnerability in the "ZyEE" function of the Zyxel EX5601... High Unreviewed
CVE-2024-12009 was published Mar 11, 2025
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0... High Unreviewed
CVE-2025-27392 was published Mar 11, 2025
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0... Low Unreviewed
CVE-2025-27398 was published Mar 11, 2025
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0... High Unreviewed
CVE-2025-27394 was published Mar 11, 2025
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0... High Unreviewed
CVE-2025-27393 was published Mar 11, 2025
The authenticated firmware update capability of the firmware for Mennekes Smart / Premium... High Unreviewed
CVE-2025-22366 was published Mar 11, 2025
The authenticated time setting capability of the firmware for Mennekes Smart / Premium... High Unreviewed
CVE-2025-22367 was published Mar 11, 2025
The authenticated SCU firmware command of the firmware for Mennekes Smart / Premium... High Unreviewed
CVE-2025-22368 was published Mar 11, 2025
Multiple improper neutralization of special elements used in an os command ('os command injection... Moderate Unreviewed
CVE-2024-32123 was published Mar 11, 2025
Multiple improper neutralization of special elements used in an OS Command vulnerabilities [CWE... High Unreviewed
CVE-2024-54018 was published Mar 11, 2025
An improper neutralization of special elements used in an OS Command vulnerability [CWE-78] in... High Unreviewed
CVE-2024-52961 was published Mar 11, 2025
Multiple improper neutralization of special elements used in an OS command ('OS Command Injection... High Unreviewed
CVE-2024-55590 was published Mar 11, 2025
A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker... High Unreviewed
CVE-2025-20138 was published Mar 12, 2025
There is a command injection vulnerability in the underlying deauthentication service that could... Critical Unreviewed
CVE-2024-31473 was published May 15, 2024
Multiple TP-LINK products allow a network-adjacent attacker with an administrative privilege to... Moderate Unreviewed
CVE-2024-38471 was published Jul 4, 2024
ProtonVPN before 3.2.10 on Windows mishandles the drive installer path, which should use this: '"... Critical Unreviewed
CVE-2024-37391 was published Jul 22, 2024
A Stack-based buffer overflow in the Mobile Management Entity (MME) of Magma versions <= 1.8.0 ... High Unreviewed
CVE-2023-37032 was published Jan 22, 2025
A vulnerability in the web-based management interface of HPE Aruba Networking ClearPass Policy... Moderate Unreviewed
CVE-2025-25039 was published Feb 4, 2025
Code injection in pdf_info Critical
CVE-2022-36231 was published for pdf_info (RubyGems) Feb 24, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database