GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,638
Composer 5,007
Erlang 39
GitHub Actions 38
Go 2,645
Maven 6,108
npm 4,271
NuGet 760
pip 4,065
Pub 12
RubyGems 957
Rust 1,057
Swift 45

Unreviewed advisories

All unreviewed 277,136

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

4,104 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

This vulnerability involves command injection in tcpdump within Moxa products, enabling an... High Unreviewed

CVE-2025-0676 was published Apr 2, 2025

Drupal AI Vulnerable to OS Command Injection via Optional Automator Types Moderate

CVE-2025-31692 was published for drupal/ai (Composer) Apr 1, 2025

The management portal component of JetNexus/EdgeNexus ADC 4.2.8 was discovered to contain a... High Unreviewed

CVE-2022-37718 was published Jan 23, 2023

A vulnerability classified as critical was found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. This... Moderate Unreviewed

CVE-2025-2096 was published Mar 8, 2025

A vulnerability was found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. It has been rated as... Moderate Unreviewed

CVE-2025-2094 was published Mar 8, 2025

A vulnerability classified as critical has been found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316.... Moderate Unreviewed

CVE-2025-2095 was published Mar 8, 2025

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection... Critical Unreviewed

CVE-2022-48121 was published Jan 20, 2023

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection... Critical Unreviewed

CVE-2022-48122 was published Jan 20, 2023

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection... Critical Unreviewed

CVE-2022-48124 was published Jan 20, 2023

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection... Critical Unreviewed

CVE-2022-48125 was published Jan 20, 2023

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection... Critical Unreviewed

CVE-2022-48123 was published Jan 20, 2023

A vulnerability was found in TOTOLINK X18 9.1.0cu.2024_B20220329. It has been declared as... Moderate Unreviewed

CVE-2025-1829 was published Mar 2, 2025

D-Link DIR-859 A1 1.05 was discovered to contain a command injection vulnerability via the... Critical Unreviewed

CVE-2022-46476 was published Jan 20, 2023

TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection... Critical Unreviewed

CVE-2022-48126 was published Jan 20, 2023

OrangeScrum version 2.0.11 allows an authenticated external attacker to execute arbitrary... High Unreviewed

CVE-2023-0164 was published Jan 19, 2023

jupyterlab-git has a command injection vulnerability in "Open Git Repository in Terminal" High

CVE-2025-30370 was published for jupyterlab-git (pip) Apr 4, 2025

Credited to dlqqq, rpwagner, and krassowski

Stored Cross-Site Scripting (XSS) in DoWISP in versions prior to 1.16.2.50, which consists of an... Moderate Unreviewed

CVE-2025-3189 was published Apr 4, 2025

MAHO-PBX NetDevancer Lite/Uni/Pro/Cloud prior to Ver.1.11.00, MAHO-PBX NetDevancer VSG Lite/Uni... High Unreviewed

CVE-2023-22280 was published Jan 17, 2023

TOTOlink A7100RU V7.4cu.2313_B20191024 is vulnerable to Command Injection Vulnerability in the... Critical Unreviewed

CVE-2022-47853 was published Jan 17, 2023

global-modules-path Command Injection vulnerability Critical

CVE-2022-21191 was published for global-modules-path (npm) Jan 13, 2023

MAHO-PBX NetDevancer Lite/Uni/Pro/Cloud prior to Ver.1.11.00, MAHO-PBX NetDevancer VSG Lite/Uni... Critical Unreviewed

CVE-2023-22279 was published Jan 17, 2023

An OS command injection vulnerability in lib/NSSDropoff.php in ZendTo 5.24-3 through 6.x before 6... Critical Unreviewed

CVE-2021-47667 was published Apr 5, 2025

The web service of iSherlock from HGiga has an OS Command Injection vulnerability, allowing... Critical Unreviewed

CVE-2025-3362 was published Apr 8, 2025

The web service of iSherlock from HGiga has an OS Command Injection vulnerability, allowing... Critical Unreviewed

CVE-2025-3361 was published Apr 8, 2025

The web service of iSherlock from HGiga has an OS Command Injection vulnerability, allowing... Critical Unreviewed

CVE-2025-3363 was published Apr 8, 2025

Previous 1…130…165 Next

Previous 1 2 … 128 129 130 131 132 … 164 165 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

4,104 advisories