Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,800
Erlang
36
GitHub Actions
29
Go
2,380
Maven
5,000+
npm
4,005
NuGet
720
pip
3,805
Pub
12
RubyGems
927
Rust
986
Swift
38
Unreviewed advisories
All unreviewed
5,000+

1,212 advisories

Loading
Improper Neutralization of Special Elements used in a Command vulnerability allows OS Command... High Unreviewed
CVE-2024-12971 was published Mar 17, 2025
A improper neutralization of special elements used in a command ('command injection') in Fortinet... High Unreviewed
CVE-2024-46662 was published Mar 14, 2025
Improper neutralization of special elements used in a command ('command injection') in Azure Arc... High Unreviewed
CVE-2025-26627 was published Mar 11, 2025
Improper neutralization of special elements used in a command ('command injection') in Azure... High Unreviewed
CVE-2025-24049 was published Mar 11, 2025
Dell ThinOS 2411 and prior, contains an Improper Neutralization of Special Elements used in a... High Unreviewed
CVE-2025-26331 was published Mar 7, 2025
Smartwares cameras CIP-37210AT and C724IP, as well as others which share the same firmware in... High Unreviewed
CVE-2024-13892 was published Mar 6, 2025
An Improper Neutralization of Escape Sequences vulnerability could allow an Authentication Bypass... High Unreviewed
CVE-2025-23119 was published Mar 1, 2025
Implementation of the Simple Network Management Protocol (SNMP) operating on the Brocade 6547 ... High Unreviewed
CVE-2024-5461 was published Feb 15, 2025
The vulnerability may allow a remote low priviledged attacker to run arbitrary shell commands by... High Unreviewed
CVE-2025-0593 was published Feb 14, 2025
A critical remote code execution (RCE) vulnerability exists in the web-based management interface... High Unreviewed
CVE-2025-22962 was published Feb 14, 2025
An attacker may inject commands via specially-crafted post requests. High Unreviewed
CVE-2025-24861 was published Feb 14, 2025
D-Link DIR-853 A1 FW1.20B07 was discovered to contain a command injection vulnerability in the... High Unreviewed
CVE-2025-25743 was published Feb 12, 2025
In Progress® Telerik® UI for WinUI versions prior to 2025 Q1 (3.0.0), a command injection attack... High Unreviewed
CVE-2024-12251 was published Feb 12, 2025
The Platform component of Mitel OpenScape 4000 and OpenScape 4000 Manager V11 R0.22.0 through V11... High Unreviewed
CVE-2025-23094 was published Feb 6, 2025
When running in Appliance mode, an authenticated remote command injection vulnerability exists in... High Unreviewed
CVE-2025-23239 was published Feb 5, 2025
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected... High Unreviewed
CVE-2024-23971 was published Jan 31, 2025
A privacy issue was addressed with improved handling of files. This issue is fixed in macOS... High Unreviewed
CVE-2025-24150 was published Jan 28, 2025
Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06 suffers from Command Injection issues in ... High Unreviewed
CVE-2024-48419 was published Jan 27, 2025
A remote code injection vulnerability exists in the Ambari Metrics and AMS Alerts feature,... High Unreviewed
CVE-2024-51941 was published Jan 22, 2025
A code injection vulnerability exists in the Ambari Alert Definition feature, allowing... High Unreviewed
CVE-2025-23196 was published Jan 22, 2025
Linksys E8450 v1.2.00.360516 was discovered to contain a command injection vulnerability via... High Unreviewed
CVE-2024-57536 was published Jan 21, 2025
Linksys E8450 v1.2.00.360516 was discovered to contain a command injection vulnerability via... High Unreviewed
CVE-2024-57539 was published Jan 21, 2025
TOTOLINK A810R V4.1.2cu.5032_B20200407 was found to contain a command insertion vulnerability in... High Unreviewed
CVE-2024-57036 was published Jan 21, 2025
A JNDI injection issue was discovered in Cloudera JDBC Connector for Hive before 2.6.26 and JDBC... High Unreviewed
CVE-2024-54660 was published Jan 17, 2025
Authenticated command injection vulnerability in the command line interface of a network... High Unreviewed
CVE-2025-23052 was published Jan 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database