Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

4,102 advisories

Loading
Tenda AC1200 Router Model W15Ev2 V15.11.0.10(1576) was discovered to contain a command injection... High Unreviewed
CVE-2022-42053 was published Nov 15, 2022
Tesla Model S Iris Modem ql_atfwd Command Injection Code Execution Vulnerability. This... High Unreviewed
CVE-2024-6032 was published Apr 30, 2025
A vulnerability classified as critical has been found in EasyNAS 1.1.0. Affected is the function... High Unreviewed
CVE-2023-0830 was published Feb 14, 2023
Authenticated command injection vulnerabilities exist in the ArubaOS command line interface.... High Unreviewed
CVE-2022-37900 was published Dec 12, 2022
Authenticated command injection vulnerabilities exist in the ArubaOS command line interface.... High Unreviewed
CVE-2022-37912 was published Dec 12, 2022
Authenticated command injection vulnerabilities exist in the ArubaOS command line interface.... High Unreviewed
CVE-2022-37902 was published Dec 12, 2022
"IBM InfoSphere Information Server 11.7 is vulnerable to cross-site scripting. This vulnerability... Moderate Unreviewed
CVE-2022-35642 was published Nov 4, 2022
Authenticated command injection vulnerabilities exist in the ArubaOS command line interface.... High Unreviewed
CVE-2022-37901 was published Dec 12, 2022
Authenticated command injection vulnerabilities exist in the ArubaOS command line interface.... High Unreviewed
CVE-2022-37899 was published Dec 12, 2022
There is a command injection vulnerability that could lead to unauthenticated remote code... Critical Unreviewed
CVE-2022-37897 was published Dec 12, 2022
Authenticated command injection vulnerabilities exist in the ArubaOS command line interface.... High Unreviewed
CVE-2022-37898 was published Dec 12, 2022
/cgi-bin/activate.cgi on Draytek Vigor3900, Vigor2960, and Vigor300B devices before 1.5.1 allows... High Unreviewed
CVE-2020-10826 was published May 24, 2022
OPA server Data API HTTP path injection of Rego High
CVE-2025-46569 was published for github.com/open-policy-agent/opa (Go) May 1, 2025
GamrayW HyouKash
AdrienIT
Credited to GamrayW, HyouKash, and AdrienIT
Dell Unity, versions prior to 5.4, contains an OS Command Injection Vulnerability in its... High Unreviewed
CVE-2024-0166 was published Feb 12, 2024
The remote upgrade feature in Guardzilla GZ180 devices allow command injection via a crafted new... High Unreviewed
CVE-2018-18600 was published May 13, 2022
A vulnerability in the web-based management interface of Aruba EdgeConnect Enterprise... Critical Unreviewed
CVE-2022-37915 was published Oct 28, 2022
D-Link DIR-816 A2 1.10 B05 was discovered to contain multiple command injection vulnerabilities... High Unreviewed
CVE-2022-42999 was published Oct 27, 2022
Multiple command injection vulnerabilities in GL.iNet GoodCloud IoT Device Management System... Moderate Unreviewed
CVE-2022-42055 was published Oct 27, 2022
A vulnerability in the web-based management interface of the Wireless LAN Controller feature of... High Unreviewed
CVE-2025-20186 was published May 7, 2025
A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an... Moderate Unreviewed
CVE-2025-20194 was published May 7, 2025
A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an... Moderate Unreviewed
CVE-2025-20193 was published May 7, 2025
A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could... Moderate Unreviewed
CVE-2025-20213 was published May 7, 2025
Tenda AC9 v15.03.05.14 was discovered to contain a command injection vulnerability via the Telnet... Critical Unreviewed
CVE-2025-45042 was published May 5, 2025
A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN admin privileges can... High Unreviewed
CVE-2025-32821 was published May 7, 2025
Cellopoint Cellos v4.1.10 Build 20190922 does not validate URL inputted properly. With the cookie... High Unreviewed
CVE-2020-17384 was published May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database