GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
145 advisories
goshs route not protected, allows command execution
Critical
CVE-2025-46816
was published
for
github.com/patrickhener/goshs
(Go)
May 6, 2025
YoutubeDLSharp allows command injection on windows system due to non sanitized arguments
Critical
CVE-2025-43858
was published
for
YoutubeDLSharp
(NuGet)
Apr 23, 2025
SurrealDB server-takeover via SurrealQL injection on backup import
Critical
GHSA-ccj3-5p93-8p42
was published
for
surrealdb
(Rust)
Apr 11, 2025
Withdrawn Advisory: Dask Vulnerable to Command Injection
Critical
CVE-2024-10096
was published
for
dask
(pip)
Mar 20, 2025
•
withdrawn
Grafana Command Injection And Local File Inclusion Via Sql Expressions
Critical
CVE-2024-9264
was published
for
github.com/grafana/grafana
(Go)
Oct 18, 2024
Command Injection in sequenceserver
Critical
CVE-2024-42360
was published
for
sequenceserver
(RubyGems)
Aug 13, 2024
ConsoleMe has an Arbitrary File Read Vulnerability via Limited Git command
Critical
CVE-2024-5023
was published
for
consoleme
(pip)
May 16, 2024
pymatgen vulnerable to arbitrary code execution when parsing a maliciously crafted JonesFaithfulTransformation transformation_string
Critical
CVE-2024-23346
was published
for
pymatgen
(pip)
Feb 21, 2024
ProTip!
Advisories are also available from the
GraphQL API