Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

4,102 advisories

Loading
D-Link DIR878 1.30B08 Hotfix_04 was discovered to contain a command injection vulnerability via... Critical Unreviewed
CVE-2022-43184 was published Oct 19, 2022
MVPower CCTV DVR models, including TV-7104HE 1.8.4 115215B9 and TV7108HE, contain a web shell... Critical Unreviewed
CVE-2016-20016 was published Oct 19, 2022
AWorld OS Command Injection vulnerability Low
CVE-2025-4032 was published for aworld (pip) Apr 28, 2025
A vulnerability has been identified in OZW672 (All versions < V8.0), OZW772 (All versions < V8.0)... Critical Unreviewed
CVE-2025-26389 was published May 13, 2025
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions with... High Unreviewed
CVE-2025-40582 was published May 13, 2025
Jhead 3.06.0.1 allows attackers to execute arbitrary OS commands by placing them in a JPEG... High Unreviewed
CVE-2022-41751 was published Oct 17, 2022
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the... Critical Unreviewed
CVE-2025-45491 was published May 6, 2025
ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Improper... Critical Unreviewed
CVE-2025-43562 was published May 13, 2025
TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain a command injection vulnerability... Critical Unreviewed
CVE-2025-45858 was published May 13, 2025
Improper neutralization of special elements used in an OS command ('OS Command Injection') issue... Critical Unreviewed
CVE-2025-32002 was published May 15, 2025
Brandon Rothel from QED Secure Solutions has found that the VAPIX API tcptest.cgi did not have a... Moderate Unreviewed
CVE-2023-5677 was published Feb 5, 2024
motionEye vulnerable to RCE in add_camera Function Due to unsafe command execution High
CVE-2025-47782 was published for motioneye (pip) May 15, 2025
hyperlyz MichaIng
Credited to hyperlyz and MichaIng
Apache Kylin vulnerable to remote code execution Critical
CVE-2022-24697 was published for org.apache.kylin:kylin-core-common (Maven) Jul 6, 2023
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... Critical Unreviewed
CVE-2025-2605 was published May 2, 2025
dbclient in Dropbear SSH before 2025.88 allows command injection via an untrusted hostname... Moderate Unreviewed
CVE-2025-47203 was published May 7, 2025
The vCenter Server contains an authenticated command-execution vulnerability. A malicious actor... High Unreviewed
CVE-2025-41225 was published May 20, 2025
A command injection vulnerability in the component /cgi-bin/firewall.cgi of Wavlink WL-WN579A3 v1... Critical Unreviewed
CVE-2025-44882 was published May 20, 2025
A command injection vulnerability in the component /cgi-bin/adm.cgi of Wavlink WL-WN579A3 v1.0... Critical Unreviewed
CVE-2025-44880 was published May 20, 2025
TOTOLINK A860R V4.1.2cu.5182_B20201027 was discovered to contain a command injection via the... Critical Unreviewed
CVE-2022-40475 was published Sep 30, 2022
A vulnerability, which was classified as critical, has been found in D-Link DIR-823X 240126... Moderate Unreviewed
CVE-2025-2717 was published Mar 25, 2025
AAPanel v7.0.7 was discovered to contain an OS command injection vulnerability. Moderate Unreviewed
CVE-2024-42922 was published May 21, 2025
The Backup Plus extension for TYPO3 (ns_backup) allows command injections Moderate
CVE-2025-48204 was published for nitsan/ns-backup (Composer) May 21, 2025
eCharge Hardy Barth cPH2 check_req.php ntp Command Injection Remote Code Execution Vulnerability.... High Unreviewed
CVE-2025-3881 was published May 22, 2025
eCharge Hardy Barth cPH2 index.php Command Injection Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2025-3883 was published May 22, 2025
eCharge Hardy Barth cPH2 nwcheckexec.php dest Command Injection Remote Code Execution... High Unreviewed
CVE-2025-3882 was published May 22, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database