GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,600
Composer 5,005
Erlang 39
GitHub Actions 38
Go 2,635
Maven 6,103
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,385

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

2,989 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Magento is affected by an os command injection via the Data collection endpoint High

CVE-2021-36024 was published for magento/community-edition (Composer) May 24, 2022

sqls-server/sqls is vulnerable to command injection in the config command High

CVE-2025-61141 was published for github.com/sqls-server/sqls (Go) Oct 30, 2025

Dell CloudLink, versions prior 8.1.1, contain a Command Injection vulnerability which can be... Moderate Unreviewed

CVE-2025-46365 was published Nov 5, 2025

PHPJabbers Event Booking Calendar v4.0 is vulnerable to Multiple HTML Injection in the "name,... Moderate Unreviewed

CVE-2023-51295 was published May 8, 2025

A vulnerability has been found in LB-LINK AC1900 Router 1.0.2 and classified as critical.... Moderate Unreviewed

CVE-2025-1609 was published Feb 24, 2025

A vulnerability, which was classified as critical, was found in LB-LINK AC1900 Router 1.0.2.... Moderate Unreviewed

CVE-2025-1608 was published Feb 24, 2025

A vulnerability was found in LB-LINK AC1900 Router 1.0.2 and classified as critical. Affected by... Moderate Unreviewed

CVE-2025-1610 was published Feb 24, 2025

The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.4,... High Unreviewed

CVE-2024-23247 was published Mar 8, 2024

Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution ... High Unreviewed

CVE-2024-22903 was published Feb 2, 2024

Two OS command injection vulnerabilities exist in the urvpn_client cmd_name_action functionality... High Unreviewed

CVE-2023-24583 was published Jul 6, 2023

Two OS command injection vulnerabilities exist in the urvpn_client cmd_name_action functionality... High Unreviewed

CVE-2023-24582 was published Jul 6, 2023

Two OS command injection vulnerability exist in the vtysh_ubus toolsh_excute.constprop.1... High Unreviewed

CVE-2023-24520 was published Jul 6, 2023

Vinchin Backup and Recovery 7.2 and Earlier is vulnerable to Authenticated Remote Code Execution ... High Unreviewed

CVE-2024-25228 was published Mar 14, 2024

Splinefont in FontForge through 20230101 allows command injection via crafted archives or... Moderate Unreviewed

CVE-2024-25082 was published Feb 26, 2024

Splinefont in FontForge through 20230101 allows command injection via crafted filenames. Moderate Unreviewed

CVE-2024-25081 was published Feb 26, 2024

Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution ... High Unreviewed

CVE-2024-22900 was published Feb 2, 2024

A command execution vulnerability exists in the validate.so diag_ping_start functionality of... Critical Unreviewed

CVE-2023-32632 was published Oct 11, 2023

Two OS command injection vulnerability exist in the vtysh_ubus toolsh_excute.constprop.1... High Unreviewed

CVE-2023-24519 was published Jul 6, 2023

An issue in NetSurf v.3.11 allows a remote attacker to execute arbitrary code via the... Moderate Unreviewed

CVE-2024-51317 was published Nov 3, 2025

sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script ... High Unreviewed

CVE-2012-1823 was published May 14, 2022

Improper filering of special characters result in a command ('command injection') vulnerability... Critical Unreviewed

CVE-2024-7397 was published Aug 5, 2024

Amanda 3.5.1 allows privilege escalation from the regular user backup to root. The SUID binary... Moderate Unreviewed

CVE-2022-37704 was published Apr 16, 2023

Multiple OS command injection vulnerabilities exist in the adm.cgi sch_reboot() functionality of... Critical Unreviewed

CVE-2024-39781 was published Jan 14, 2025

Multiple OS command injection vulnerabilities exist in the adm.cgi sch_reboot() functionality of... Critical Unreviewed

CVE-2024-39782 was published Jan 14, 2025

Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing()... Critical Unreviewed

CVE-2024-39765 was published Jan 14, 2025

Previous1…120 Next

Previous 1 2 3 4 5 … 119 120 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,989 advisories