GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,278 advisories
An issue in Intermesh BV GroupOffice vulnerable before v.25.0.47 and 6.8.136 allows a remote...
High
Unreviewed
CVE-2025-63406
was published
Nov 13, 2025
Improper neutralization of special elements used in a command ('command injection') in Visual...
High
Unreviewed
CVE-2025-62222
was published
Nov 11, 2025
A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1_FW102B02...
High
Unreviewed
CVE-2025-60697
was published
Nov 13, 2025
A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1_FW102B02...
High
Unreviewed
CVE-2025-60698
was published
Nov 13, 2025
An issue in Agnitum Outpost Security Suite 7.5.3 (3942.608.1810) and 7.6 (3984.693.1842) allows a...
High
Unreviewed
CVE-2024-57695
was published
Nov 11, 2025
Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Neutralization...
High
Unreviewed
CVE-2025-46428
was published
Nov 12, 2025
Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Neutralization of...
High
Unreviewed
CVE-2025-46427
was published
Nov 12, 2025
Zohocorp ManageEngine Applications Manager versions 178100 and below are vulnerable to...
High
Unreviewed
CVE-2025-9223
was published
Nov 11, 2025
A Command Injection vulnerability, resulting from improper file path sanitization (Directory...
High
Unreviewed
CVE-2025-12155
was published
Nov 10, 2025
Magento is affected by an OS command injection via the Data collection endpoint
High
CVE-2021-36024
was published
for
magento/community-edition
(Composer)
May 24, 2022
sqls-server/sqls is vulnerable to command injection in the config command
High
CVE-2025-61141
was published
for
github.com/sqls-server/sqls
(Go)
Oct 30, 2025
The issue was addressed with improved memory handling. This issue is fixed in macOS Sonoma 14.4,...
High
Unreviewed
CVE-2024-23247
was published
Mar 8, 2024
Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution ...
High
Unreviewed
CVE-2024-22903
was published
Feb 2, 2024
Two OS command injection vulnerabilities exist in the urvpn_client cmd_name_action functionality...
High
Unreviewed
CVE-2023-24583
was published
Jul 6, 2023
Two OS command injection vulnerabilities exist in the urvpn_client cmd_name_action functionality...
High
Unreviewed
CVE-2023-24582
was published
Jul 6, 2023
Two OS command injection vulnerabilities exist in the vtysh_ubus toolsh_excute.constprop.1...
High
Unreviewed
CVE-2023-24520
was published
Jul 6, 2023
Vinchin Backup and Recovery 7.2 and Earlier is vulnerable to Authenticated Remote Code Execution ...
High
Unreviewed
CVE-2024-25228
was published
Mar 14, 2024
Vinchin Backup & Recovery v7.2 was discovered to contain an authenticated remote code execution ...
High
Unreviewed
CVE-2024-22900
was published
Feb 2, 2024
Two OS command injection vulnerabilities exist in the vtysh_ubus toolsh_excute.constprop.1...
High
Unreviewed
CVE-2023-24519
was published
Jul 6, 2023
sapi/cgi/cgi_main.c in PHP before 5.3.12 and 5.4.x before 5.4.2, when configured as a CGI script ...
High
Unreviewed
CVE-2012-1823
was published
May 14, 2022
Missing input validation in the ORing IAP-420 web-interface allows stored Cross-Site Scripting ...
High
Unreviewed
CVE-2024-55544
was published
Dec 10, 2024
An attacker with local access to the medical office computer can escalate his Windows user...
High
Unreviewed
CVE-2024-50591
was published
Nov 8, 2024
A privacy issue was addressed with improved handling of files. This issue is fixed in macOS...
High
Unreviewed
CVE-2025-24150
was published
Jan 28, 2025
In Progress Telerik Reporting versions prior to 2024 Q3 (2024.3.924), a command injection attack...
High
Unreviewed
CVE-2024-7840
was published
Oct 9, 2024
A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05), CP-8050...
High
Unreviewed
CVE-2023-33919
was published
Jun 13, 2023
ProTip! Advisories are also available from the GraphQL API