Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,636
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

4,101 advisories

Loading
IBM Lakehouse (watsonx.data 2.2) could allow an authenticated privileged user to execute... Moderate Unreviewed
CVE-2025-36143 was published Sep 18, 2025
OctoPrint is Vulnerable to RCE Attacks via Unsanitized Filename in File Upload High
CVE-2025-58180 was published for octoprint (pip) Sep 9, 2025
prabhatverma47
Credited to prabhatverma47
Coolify versions prior to v4.0.0-beta.420.7 are vulnerable to a remote code execution... Critical Unreviewed
CVE-2025-34161 was published Aug 27, 2025
FitNesse allows execution of arbitrary OS commands Critical
CVE-2024-28125 was published for org.fitnesse:fitnesse (Maven) Mar 18, 2024
HyperX NGENUITY software is potentially vulnerable to arbitrary code execution. HP is releasing... Moderate Unreviewed
CVE-2025-10568 was published Sep 19, 2025
An OS command injection vulnerability has been discovered in the Vitogate 300, which can be... High Unreviewed
CVE-2025-9494 was published Sep 23, 2025
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... Critical Unreviewed
CVE-2025-9588 was published Sep 23, 2025
A command injection vulnerability has been reported to affect several QNAP operating system... High Unreviewed
CVE-2024-50393 was published Dec 6, 2024
An OS command injection vulnerability exists in the Edimax EW-7438RPn Mini firmware version 1.13... Critical Unreviewed
CVE-2025-34029 was published Jun 20, 2025
An authenticated OS command injection vulnerability exists in various D-Link routers (tested on... High Unreviewed
CVE-2013-10059 was published Aug 1, 2025
An OS command injection vulnerability exists in multiple D-Link routers—confirmed on DIR-300 rev... High Unreviewed
CVE-2013-10050 was published Aug 1, 2025
An OS command injection vulnerability exists in various legacy D-Link routers—including DIR-300... Critical Unreviewed
CVE-2013-10048 was published Aug 1, 2025
An authenticated OS command injection vulnerability exists in Netgear routers (tested on the... Critical Unreviewed
CVE-2013-10060 was published Aug 1, 2025
The web interface of multiple D-Link routers, including DIR-600 rev B (≤2.14b01) and DIR-300 rev... Critical Unreviewed
CVE-2013-10069 was published Aug 5, 2025
An authenticated OS command injection vulnerability exists in Netgear routers (tested on the... High Unreviewed
CVE-2013-10061 was published Aug 1, 2025
Spreecommerce versions prior to 0.50.x contain a remote command execution vulnerability in the... Critical Unreviewed
CVE-2011-10026 was published Aug 20, 2025
Ilevia EVE X1/X5 Server version ≤ 4.7.18.0.eden contains a vulnerability in its authentication... Critical Unreviewed
CVE-2025-34186 was published Sep 16, 2025
Ilevia EVE X1 Server version ≤ 4.7.18.0.eden contains an unauthenticated OS command injection... Critical Unreviewed
CVE-2025-34184 was published Sep 16, 2025
Multiple D-Link DIR-series routers, including DIR-110, DIR-412, DIR-600, DIR-610, DIR-615, DIR... Critical Unreviewed
CVE-2018-25115 was published Aug 28, 2025
A command injection vulnerability has been reported to affect QuRouter 2.5.1. If a remote... High Unreviewed
CVE-2025-29887 was published Aug 29, 2025
OS Command injection vulnerability in Tenda AC9 1.0 was discovered to contain a command injection... Moderate Unreviewed
CVE-2025-57639 was published Sep 23, 2025
OS Command injection vulnerability in D-Link C1 2020-02-21. The sub_47F028 function in jhttpd... Moderate Unreviewed
CVE-2025-57636 was published Sep 23, 2025
An OS command injection vulnerability has been reported to affect several product versions. If... Critical Unreviewed
CVE-2024-48860 was published Nov 22, 2024
An OS command injection vulnerability has been reported to affect several product versions. If... High Unreviewed
CVE-2024-48861 was published Nov 22, 2024
A command injection vulnerability has been reported to affect several QNAP operating system... Moderate Unreviewed
CVE-2023-23356 was published Dec 19, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database