Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,645
Maven
5,000+
npm
4,271
NuGet
760
pip
4,065
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

4,104 advisories

Loading
TRENDnet TV-IP410 vA1.0R was discovered to contain an OS command injection vulnerability via the ... Critical Unreviewed
CVE-2024-46484 was published Aug 29, 2025
Command Injection vulnerability in MagnusSolution magnusbilling 6.x and 7.x allows remote... Critical Unreviewed
CVE-2023-30258 was published Jun 23, 2023
Multiple products provided by iND Co.,Ltd contain an OS command injection vulnerability. If... High Unreviewed
CVE-2025-53508 was published Aug 29, 2025
Valtimo scripting engine can be used to gain access to sensitive data or resources Critical
CVE-2025-58059 was published for com.ritense.valtimo:core (Maven) Aug 28, 2025
D-Link DIR-868L B1 router firmware version FW2.05WWB02 contains an unauthenticated OS command... Critical Unreviewed
CVE-2025-55583 was published Aug 28, 2025
AnyShare contains a critical unauthenticated remote code execution vulnerability in the... Critical Unreviewed
CVE-2025-34160 was published Aug 28, 2025
A command injection vulnerability in Dahua EIMS versions prior to 2240008 allows unauthenticated... Critical Unreviewed
CVE-2024-13985 was published Aug 28, 2025
LLama Factory Remote OS Command Injection Vulnerability High
CVE-2024-52803 was published for llamafactory (pip) Nov 21, 2024
superboy-zjc
Credited to superboy-zjc
The Calamaris log exporter CGI (/cgi-bin/logs.cgi/calamaris.dat) in IPFire 2.29 does not properly... Moderate Unreviewed
CVE-2025-50974 was published Aug 26, 2025
Multiple vulnerabilities in the CLI and web-based management interface of Cisco UCS Manager... Moderate Unreviewed
CVE-2025-20294 was published Aug 27, 2025
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local attacker... Moderate Unreviewed
CVE-2025-20292 was published Aug 27, 2025
A vulnerability in the CLI of Cisco UCS Manager Software could allow an authenticated, local... Moderate Unreviewed
CVE-2025-20295 was published Aug 27, 2025
An improper input validation vulnerability was discovered in the NTP server configuration field... High Unreviewed
CVE-2025-22495 was published Feb 24, 2025
An high privileged remote attacker can enable telnet access that accepts hardcoded credentials.  Critical Unreviewed
CVE-2024-28751 was published Jul 9, 2024
A remote unauthenticated attacker who has bypassed authentication could execute arbitrary OS... Critical Unreviewed
CVE-2025-3128 was published Aug 21, 2025
A vulnerability, which was classified as critical, was found in Ruijie RG-UAC up to 20240506.... Moderate Unreviewed
CVE-2024-4816 was published May 14, 2024
A vulnerability classified as critical has been found in Ruijie RG-UAC up to 20240506. Affected... Moderate Unreviewed
CVE-2024-4813 was published May 14, 2024
A vulnerability classified as critical was found in Ruijie RG-UAC up to 20240506. Affected by... Moderate Unreviewed
CVE-2024-4814 was published May 14, 2024
A vulnerability, which was classified as critical, has been found in Ruijie RG-UAC up to 20240506... Moderate Unreviewed
CVE-2024-4815 was published May 14, 2024
A vulnerability classified as critical was found in Ruijie RG-UAC 1.0. Affected by this... Moderate Unreviewed
CVE-2024-6184 was published Jun 20, 2024
A vulnerability, which was classified as critical, was found in Ruijie RG-UAC 1.0. This affects... Moderate Unreviewed
CVE-2024-6186 was published Jun 20, 2024
A vulnerability has been found in Ruijie RG-UAC 1.0 and classified as critical. This... Moderate Unreviewed
CVE-2024-6187 was published Jun 20, 2024
Job Iteration API is vulnerable to OS Command Injection attack through its CsvEnumerator class Critical
CVE-2025-53623 was published for job-iteration (RubyGems) Jul 14, 2025
calysteon yehuda-alt
Credited to calysteon and yehuda-alt
The StrongDM Windows service incorrectly handled input validation. Authenticated attackers could... High Unreviewed
CVE-2025-6181 was published Aug 20, 2025
The StrongDM macOS client incorrectly processed JSON-formatted messages. Attackers could... High Unreviewed
CVE-2025-6183 was published Aug 20, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database