GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
4,104 advisories
A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web...
Critical | Unreviewed | CVE-2024-41788 was published Apr 8, 2025

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web...
Critical | Unreviewed | CVE-2024-41790 was published Apr 8, 2025

A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web...
Critical | Unreviewed | CVE-2024-41789 was published Apr 8, 2025

An improper neutralization of special elements used in an OS command ('OS Command Injection')...
High | Unreviewed | CVE-2024-54024 was published Apr 8, 2025

An improper neutralization of special elements used in an OS command ('OS Command Injection')...
Moderate | Unreviewed | CVE-2024-54025 was published Apr 8, 2025

A vulnerability in the file creation process on the command line interface of AOS-8 Instant and...
Moderate | Unreviewed | CVE-2025-27079 was published Apr 8, 2025

A vulnerability in a system binary of AOS-8 Instant and AOS-10 AP could allow an authenticated...
Moderate | Unreviewed | CVE-2025-27078 was published Apr 8, 2025

ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper...
High | Unreviewed | CVE-2025-30289 was published Apr 8, 2025

ColdFusion versions 2023.12, 2021.18, 2025.0 and earlier are affected by an Improper...
High | Unreviewed | CVE-2025-30286 was published Apr 8, 2025

Improper sanitization of branch names in GitLab Runner affecting all versions prior to 15.3.5, 15...
High | Unreviewed | CVE-2022-2251 was published Jan 17, 2023

Multiple argument injection vulnerabilities in Mozilla Firefox 2.0.0.5 and 3.0alpha allow remote...
Moderate | Unreviewed | CVE-2007-4041 was published May 1, 2022

clamav-milter in ClamAV before 0.91.2, when run in black hole mode, allows remote attackers to...
High | Unreviewed | CVE-2007-4560 was published May 1, 2022

The _httpsrequest function (Snoopy/Snoopy.class.php) in Snoopy 1.2.3 and earlier, as used in (1)...
High | Unreviewed | CVE-2008-4796 was published May 13, 2022

The web interface in git (gitweb) 1.5.x before 1.5.5 allows remote attackers to execute arbitrary...
High | Unreviewed | CVE-2008-5516 was published May 13, 2022

statuswml.cgi in Nagios before 3.1.1 allows remote attackers to execute arbitrary commands via...
High | Unreviewed | CVE-2009-2288 was published May 2, 2022

pphoto in Ariadne before 2.6 allows remote authenticated users with certain privileges to execute...
High | Unreviewed | CVE-2008-7125 was published May 17, 2022

Argument injection vulnerability in the traceroute function in Traceroute.php in the...
High | Unreviewed | CVE-2009-4025 was published May 2, 2022

OS command injection vulnerability in the specific service exists in Wi-Fi AP UNIT 'AC-WPS-11ac...
Critical | Unreviewed | CVE-2025-27797 was published Apr 9, 2025

OS command injection vulnerability in the WEB UI (the setting page) exists in Wi-Fi AP UNIT 'AC...
High | Unreviewed | CVE-2025-25053 was published Apr 9, 2025

Improper Control of Generation of Code ('Code Injection') in Azure CLI
High | CVE-2022-39327 was published for azure-cli (pip) Oct 25, 2022

Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote...
High | Unreviewed | CVE-2022-43536 was published Jan 5, 2023

Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote...
High | Unreviewed | CVE-2022-43538 was published Jan 5, 2023

Vulnerabilities in the ClearPass Policy Manager web-based management interface allow remote...
High | Unreviewed | CVE-2022-43537 was published Jan 5, 2023

exec-local-bin vulnerable to Command Injection
Critical | CVE-2022-25923 was published for exec-local-bin (npm) Jan 6, 2023

The FXCLI_OraBR_Exec_Command function in FastBackServer.exe in the Server in IBM Tivoli Storage...
High | Unreviewed | CVE-2010-3754 was published May 14, 2022

ProTip! Advisories are also available from the GraphQL API.