Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,360
Erlang
33
GitHub Actions
22
Go
2,127
Maven
5,000+
npm
3,793
NuGet
683
pip
3,471
Pub
12
RubyGems
894
Rust
894
Swift
38
Unreviewed advisories
All unreviewed
5,000+

2,457 advisories

Loading
Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the... High Unreviewed
CVE-2024-57228 was published Jan 10, 2025
Multiple bash files were present in the application's private directory. Bash files can be used... Low Unreviewed
CVE-2024-54681 was published Jan 17, 2025
virtualenv allows command injection through activation scripts for a virtual environment High
CVE-2024-53899 was published for virtualenv (pip) Nov 24, 2024
lboynton
PaddlePaddle command injection vulnerability High
CVE-2024-0817 was published for paddlepaddle (pip) Mar 7, 2024
Remote Code Execution has been discovered in OpenText™ iManager 3.2.6.0200. The vulnerability can... High Unreviewed
CVE-2024-3483 was published May 15, 2024
The script input feature of SpagoBI 3.5.1 allows arbitrary code execution. Critical Unreviewed
CVE-2024-54794 was published Jan 21, 2025
A code injection vulnerability exists in the Ambari Alert Definition feature, allowing... High Unreviewed
CVE-2025-23196 was published Jan 22, 2025
Tenda AC18 V15.03.05.19 was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2024-57583 was published Jan 16, 2025
Linksys E8450 v1.2.00.360516 was discovered to contain a command injection vulnerability via... High Unreviewed
CVE-2024-57536 was published Jan 21, 2025
ECOVACS robot lawnmowers and vacuums are vulnerable to command injection via SetNetPin() over an... Moderate Unreviewed
CVE-2024-52325 was published Jan 23, 2025
An unauthenticated remote attacker can perform a command injection in the OCPP Service with... High Unreviewed
CVE-2024-25998 was published Mar 12, 2024
A local attacker with low... High Unreviewed
CVE-2024-28136 was published May 14, 2024
A low privileged remote attacker... Moderate Unreviewed
CVE-2024-28135 was published May 14, 2024
Authenticated command injection vulnerability in the command line interface of a network... High Unreviewed
CVE-2025-23052 was published Jan 14, 2025
Not all valid JavaScript whitespace characters are considered to be whitespace. Templates... Critical Unreviewed
CVE-2023-24540 was published May 11, 2023
Dell vApp Manager, versions prior to 9.2.4.9 contain a Command Injection Vulnerability. An... High Unreviewed
CVE-2024-25946 was published Mar 28, 2024
Dell vApp Manager, versions prior to 9.2.4.9 contain a Command Injection Vulnerability. An... High Unreviewed
CVE-2024-25955 was published Mar 28, 2024
(1) boardData102.php, (2) boardData103.php, (3) boardDataJP.php, (4) boardDataNA.php, and (5)... Critical Unreviewed
CVE-2016-1555 was published May 14, 2022
The WLS Security component in Oracle WebLogic Server 10.3.6.0, 12.1.2.0, 12.1.3.0, and 12.2.1.0... High Unreviewed
CVE-2015-4852 was published May 14, 2022
TRENDnet TEW-632BRP v1.010B31 devices have an OS command injection vulnerability in the CGl... Critical Unreviewed
CVE-2024-57590 was published Jan 27, 2025
Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06 suffers from Command Injection issues in ... High Unreviewed
CVE-2024-48419 was published Jan 27, 2025
A vulnerability was found in MicroWorld eScan Antivirus 7.0.32 on Linux. It has been rated as... Critical Unreviewed
CVE-2025-0798 was published Jan 29, 2025
SolarView Compact ver.6.00 was discovered to contain a command injection vulnerability via... Critical Unreviewed
CVE-2022-29303 was published May 13, 2022
Multiple API endpoints in Atlassian Bitbucket Server and Data Center 7.0.0 before version 7.6.17,... High Unreviewed
CVE-2022-36804 was published Aug 26, 2022
Improper input validation in github.com/gin-gonic/gin Moderate
CVE-2023-26125 was published for github.com/gin-gonic/gin (Go) May 4, 2023
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database