GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,657
Composer 5,011
Erlang 39
GitHub Actions 38
Go 2,651
Maven 6,108
npm 4,279
NuGet 760
pip 4,066
Pub 12
RubyGems 957
Rust 1,057
Swift 45

Unreviewed advisories

All unreviewed 277,275

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

916 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A command execution vulnerability exists in the validate.so diag_ping_start functionality of... Critical Unreviewed

CVE-2023-32632 was published Oct 11, 2023

Improper filering of special characters result in a command ('command injection') vulnerability... Critical Unreviewed

CVE-2024-7397 was published Aug 5, 2024

Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing()... Critical Unreviewed

CVE-2024-39762 was published Jan 14, 2025

Multiple OS command injection vulnerabilities exist in the adm.cgi sch_reboot() functionality of... Critical Unreviewed

CVE-2024-39781 was published Jan 14, 2025

Multiple OS command injection vulnerabilities exist in the adm.cgi sch_reboot() functionality of... Critical Unreviewed

CVE-2024-39782 was published Jan 14, 2025

Multiple OS command injection vulnerabilities exist in the login.cgi set_sys_init() functionality... Critical Unreviewed

CVE-2024-39761 was published Jan 14, 2025

Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing()... Critical Unreviewed

CVE-2024-39763 was published Jan 14, 2025

Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing()... Critical Unreviewed

CVE-2024-39765 was published Jan 14, 2025

SNMP objects in NET-SNMP used in ORing IAP-420 allows Command Injection. This issue affects IAP... Critical Unreviewed

CVE-2024-55547 was published Dec 10, 2024

Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing()... Critical Unreviewed

CVE-2024-39764 was published Jan 14, 2025

Multiple OS command injection vulnerabilities exist in the login.cgi set_sys_init() functionality... Critical Unreviewed

CVE-2024-39760 was published Jan 14, 2025

Multiple OS command injection vulnerabilities exist in the adm.cgi sch_reboot() functionality of... Critical Unreviewed

CVE-2024-39783 was published Jan 14, 2025

Multiple OS command injection vulnerabilities exist in the login.cgi set_sys_init() functionality... Critical Unreviewed

CVE-2024-39759 was published Jan 14, 2025

In Python (aka CPython) through 3.10.4, the mailcap module does not add escape characters into... Critical Unreviewed

CVE-2015-20107 was published Apr 14, 2022

An issue in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows unauthenticated attackers to... Critical Unreviewed

CVE-2025-26063 was published Jul 31, 2025

D-Link DIR810LA1_FW102B22 was discovered to contain a command injection vulnerability via the... Critical Unreviewed

CVE-2022-34974 was published Aug 4, 2022

The TLS4B ATG system's SOAP-based interface is vulnerable due to its accessibility through the... Critical Unreviewed

CVE-2025-58428 was published Oct 23, 2025

A deserialization vulnerability in the License Servlet of Fortra's GoAnywhere MFT allows an actor... Critical Unreviewed

CVE-2025-10035 was published Sep 19, 2025

The Meteobridge web interface let meteobridge administrator manage their weather station data... Critical Unreviewed

CVE-2025-4008 was published May 21, 2025

A command injection vulnerability in the GlobalProtect feature of Palo Alto Networks PAN-OS... Critical Unreviewed

CVE-2024-3400 was published Apr 12, 2024

A remote command injection vulnerability exists in the Barracuda Email Security Gateway ... Critical Unreviewed

CVE-2023-2868 was published Jul 6, 2023

Aria Operations for Networks contains a command injection vulnerability. A malicious actor with... Critical Unreviewed

CVE-2023-20887 was published Jun 7, 2023

SolarView Compact ver.6.00 was discovered to contain a command injection vulnerability via... Critical Unreviewed

CVE-2022-29303 was published May 13, 2022

A command injection vulnerability in the web server of some Hikvision product. Due to the... Critical Unreviewed

CVE-2021-36260 was published May 24, 2022

Yealink Device Management (DM) 3.6.0.20 allows command injection as root via the /sm/api/v1... Critical Unreviewed

CVE-2021-27561 was published May 24, 2022

Previous1…37 Next

Previous 1 2 3 4 5 … 36 37 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

916 advisories