GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,603
Composer 5,006
Erlang 39
GitHub Actions 38
Go 2,636
Maven 6,104
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,816

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

4,102 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Nagios XI versions prior to 5.7.3 contain a command injection vulnerability in the report PDF... High Unreviewed

CVE-2020-36867 was published Oct 31, 2025

Nagios XI versions prior to 5.6.14 contain an authenticated remote command execution... Critical Unreviewed

CVE-2020-36856 was published Oct 31, 2025

Nagios XI versions prior to 5.4.13 contain a remote code execution vulnerability in the Component... High Unreviewed

CVE-2018-25122 was published Oct 31, 2025

Dell CloudLink, versions prior to 8.2, contain a vulnerability where a privileged user with known... High Unreviewed

CVE-2025-30479 was published Nov 5, 2025

Dell CloudLink, versions 8.0 through 8.1.2, contain vulnerability on restricted shell. A... Critical Unreviewed

CVE-2025-45378 was published Nov 5, 2025

Dell CloudLink, versions prior to 8.2, contain a vulnerability where a privileged user with known... High Unreviewed

CVE-2025-45379 was published Nov 5, 2025

MiR software versions prior to version 3.0.0 are affected by a command injection vulnerability. A... High Unreviewed

CVE-2025-8748 was published Aug 8, 2025

A command injection vulnerability affects the Shenzhen Aitemi M300 Wi-Fi Repeater (hardware model... Critical Unreviewed

CVE-2025-34149 was published Aug 7, 2025

An unauthenticated OS command injection vulnerability exists in the Shenzhen Aitemi M300 Wi-Fi... Critical Unreviewed

CVE-2025-34148 was published Aug 7, 2025

An unauthenticated OS command injection vulnerability exists in the Shenzhen Aitemi M300 Wi-Fi... Critical Unreviewed

CVE-2025-34147 was published Aug 4, 2025

An unauthenticated OS command injection vulnerability exists in the Shenzhen Aitemi M300 Wi-Fi... Critical Unreviewed

CVE-2025-34152 was published Aug 7, 2025

The PPPoE configuration interface of the Shenzhen Aitemi M300 Wi-Fi Repeater (hardware model MT02... Critical Unreviewed

CVE-2025-34150 was published Aug 7, 2025

A command injection vulnerability exists in the 'passwd' parameter of the PPPoE setup process on... Critical Unreviewed

CVE-2025-34151 was published Aug 7, 2025

An authentication bypass vulnerability exists in ETQ Reliance on the CG (legacy) platform. The... Critical Unreviewed

CVE-2025-34143 was published Jul 22, 2025

A vulnerability was found in csmock where a regular user of the OSH service (anyone with a valid... High Unreviewed

CVE-2024-2243 was published Apr 10, 2024

In ssh in OpenSSH before 9.6, OS command injection might occur if a user name or host name has... Critical Unreviewed

CVE-2023-51385 was published Dec 18, 2023

A vulnerability has been found in LB-LINK AC1900 Router 1.0.2 and classified as critical.... Moderate Unreviewed

CVE-2025-1609 was published Feb 24, 2025

A vulnerability, which was classified as critical, was found in LB-LINK AC1900 Router 1.0.2.... Moderate Unreviewed

CVE-2025-1608 was published Feb 24, 2025

A vulnerability was found in LB-LINK AC1900 Router 1.0.2 and classified as critical. Affected by... Moderate Unreviewed

CVE-2025-1610 was published Feb 24, 2025

A vulnerability in the VirusEvent feature of ClamAV could allow a local attacker to inject... Moderate Unreviewed

CVE-2024-20328 was published Mar 1, 2024

A post authentication command injection vulnerability exists in the ipsec policy functionality of... High Unreviewed

CVE-2023-47209 was published Feb 6, 2024

Multiple OS command injection vulnerabilities exist in the decompression functionality of GTKWave... High Unreviewed

CVE-2023-35963 was published Jan 8, 2024

An OS command injection vulnerability exists in the api.cgi cmd.mvpn.x509.write functionality of... High Unreviewed

CVE-2023-35194 was published Oct 11, 2023

An OS command injection vulnerability exists in the admin.cgi MVPN_trial_init functionality of... High Unreviewed

CVE-2023-28381 was published Oct 11, 2023

Two OS command injection vulnerabilities exist in the zebra vlan_name functionality of Milesight... High Unreviewed

CVE-2023-25583 was published Jul 6, 2023

Previous 12…165 Next

Previous 1 2 3 4 5 … 164 165 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

4,102 advisories