Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,645
Maven
5,000+
npm
4,271
NuGet
760
pip
4,065
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

4,105 advisories

Loading
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements... High Unreviewed
CVE-2025-24385 was published Mar 28, 2025
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements... Critical Unreviewed
CVE-2025-22398 was published Mar 28, 2025
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements... High Unreviewed
CVE-2025-24379 was published Mar 28, 2025
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements... High Unreviewed
CVE-2024-49563 was published Mar 28, 2025
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements... High Unreviewed
CVE-2025-23383 was published Mar 28, 2025
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements... High Unreviewed
CVE-2025-24386 was published Mar 28, 2025
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements... High Unreviewed
CVE-2025-24380 was published Mar 28, 2025
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements... High Unreviewed
CVE-2024-49564 was published Mar 28, 2025
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements... High Unreviewed
CVE-2025-24378 was published Mar 28, 2025
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements... Critical Unreviewed
CVE-2025-24383 was published Mar 28, 2025
Dell Unity, version(s) 5.4 and prior, contain(s) an Improper Neutralization of Special Elements... High Unreviewed
CVE-2024-49601 was published Mar 28, 2025
D-Link DIR_878_FW1.30B08 was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-48108 was published Jan 27, 2023
ILIAS 7 before 7.30 and ILIAS 8 before 8.11 as well as ILIAS 9.0 allow remote authenticated... High Unreviewed
CVE-2024-33529 was published May 21, 2024
A critical OS Command Injection vulnerability has been identified in the FAST LTA Silent Brick... Critical Unreviewed
CVE-2025-2071 was published Mar 31, 2025
Os command injection vulnerability in e-solutions e-management. This vulnerability allows an... Critical Unreviewed
CVE-2025-3022 was published Mar 31, 2025
All FLIR AX8 thermal sensor cameras version up to and including 1.46.16 are vulnerable to Remote... Critical Unreviewed
CVE-2022-37061 was published Aug 19, 2022
TOTOLINK A3002R V4.0.0-B20230531.1404 is vulnerable to Command Injection in /bin/boa via bandstr. Critical Unreviewed
CVE-2025-25579 was published Mar 29, 2025
Xorcom CompletePBX is vulnerable to command injection in the administrator Task Scheduler... Critical Unreviewed
CVE-2025-30004 was published Mar 31, 2025
An issue in TOTOLINK A3100R V4.1.2cu.5247_B20211129 allows a remote attacker to execute arbitrary... Critical Unreviewed
CVE-2025-28256 was published Mar 28, 2025
Command injection in smartctl High
CVE-2022-21810 was published for smartctl (npm) Jan 26, 2023
Command injection in vagrant.js Critical
CVE-2022-25962 was published for vagrant.js (npm) Jan 26, 2023
Command Injection in create-choo-electron Critical
CVE-2022-25908 was published for create-choo-electron (npm) Jan 26, 2023
Remote code execution in simple-git Critical
CVE-2022-25860 was published for simple-git (npm) Jan 26, 2023
Command Injection in puppet-facter High
CVE-2022-25350 was published for puppet-facter (npm) Jan 26, 2023
A remote attacker with web administrator privileges can exploit the device’s web interface to... Critical Unreviewed
CVE-2025-0415 was published Apr 2, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database