GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,324
Composer 4,360
Erlang 33
GitHub Actions 22
Go 2,127
Maven 5,308
npm 3,793
NuGet 683
pip 3,471
Pub 12
RubyGems 894
Rust 894
Swift 38

Unreviewed advisories

All unreviewed 244,890

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,082 advisories

Filter by severity

Sort by

Least recently updated

IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 / IBM UrbanCode Deploy 7.0 through 7.0... High Unreviewed

CVE-2024-55904 was published Feb 14, 2025

mySCADA myPRO Manager is vulnerable to an OS command injection which could allow a remote... Critical Unreviewed

CVE-2025-25067 was published Feb 14, 2025

An OS command injection vulnerability has been reported to affect several QNAP operating system... Moderate Unreviewed

CVE-2023-50358 was published Feb 13, 2024

A vulnerability in the fosexec command of Brocade Fabric OS after Brocade Fabric OS v9.1.0 and,... High Unreviewed

CVE-2023-31425 was published Aug 1, 2023

This vulnerability exists in ESDS Emagic Data Center Management Suit due to lack of input... High Unreviewed

CVE-2023-37569 was published Aug 8, 2023

Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by an command injection... High Unreviewed

CVE-2023-2574 was published May 8, 2023

Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by an command injection... High Unreviewed

CVE-2023-2573 was published May 8, 2023

A command injection vulnerability in the Palo Alto Networks PAN-OS OpenConfig plugin enables an... High Unreviewed

CVE-2025-0110 was published Feb 12, 2025

A flaw was found in the Emacs text editor. Improper handling of custom "man" URI schemes allows... High Unreviewed

CVE-2025-1244 was published Feb 12, 2025

A command injection vulnerability exists in the IOCTL that manages OTA updates. A specially... High Unreviewed

CVE-2023-6321 was published May 15, 2024

An improper neutralization of special elements used in an os command ('os command injection') in... High Unreviewed

CVE-2024-50567 was published Feb 11, 2025

An improper neutralization of special elements used in an OS command ('OS Command Injection')... High Unreviewed

CVE-2024-40584 was published Feb 11, 2025

OS command injection in the admin web console of Ivanti CSA before version 5.0.5 allows a remote... Critical Unreviewed

CVE-2024-47908 was published Feb 11, 2025

A improper neutralization of special elements used in an os command ('os command injection') in... Moderate Unreviewed

CVE-2024-50569 was published Feb 11, 2025

On Windows platforms, a "best fit" character encoding conversion of command line arguments to... High Unreviewed

CVE-2024-45720 was published Oct 9, 2024

OS Command Injection vulnerability in Revolution Pi version 2022-07-28-revpi-buster from KUNBUS... High Unreviewed

CVE-2024-8684 was published Feb 10, 2025

An issue in TPLINK TL-WPA 8630 TL-WPA8630(US)_V2_2.0.4 Build 20230427 allows a remote attacker to... High Unreviewed

CVE-2024-57357 was published Feb 8, 2025

A command injection vulnerability exists in the processAnalyticsReport method from the com.webos... Critical Unreviewed

CVE-2023-6318 was published Apr 9, 2024

A command injection vulnerability exists in the getAudioMetadata method from the com.webos... Critical Unreviewed

CVE-2023-6319 was published Apr 9, 2024

A command injection vulnerability exists in the com.webos.service.connectionmanager/tv... Critical Unreviewed

CVE-2023-6320 was published Apr 9, 2024

In Flowmon versions prior to 11.1.14 and 12.3.5, an operating system command injection... Critical Unreviewed

CVE-2024-2389 was published Apr 2, 2024

D-Link DNS-320 FW v2.06B01 Revision Ax is affected by command injection in the system_mgr.cgi... Critical Unreviewed

CVE-2020-25506 was published May 24, 2022

A remote code execution vulnerability exists when the Microsoft .NET Framework fails to validate... High Unreviewed

CVE-2020-0646 was published May 24, 2022

Multiple ZyXEL network-attached storage (NAS) devices running firmware version 5.21 contain a pre... High Unreviewed

CVE-2020-9054 was published May 24, 2022

IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 could allow a remote... High Unreviewed

CVE-2020-4428 was published May 24, 2022

Previous 1 2 3 4 5 … 123 124 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,082 advisories