GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,454 advisories
The Symantec Messaging Gateway before 10.6.3-267 can encounter an issue of remote code execution,...
High | Unreviewed | CVE-2017-6327 was published May 13, 2022
1Panel arbitrary file write vulnerability
Moderate | CVE-2024-34352 was published for github.com/1Panel-dev/1Panel (Go) May 9, 2024
A remote code execution vulnerability exists in the way that the MSHTML engine improperly...
High | Unreviewed | CVE-2019-0541 was published May 13, 2022
D-Link DNS-320 FW v2.06B01 Revision Ax is affected by command injection in the system_mgr.cgi...
Critical | Unreviewed | CVE-2020-25506 was published May 24, 2022
Atos Unify OpenScape SBC 10 before 10R3.1.3, OpenScape Branch 10 before 10R3.1.2, and OpenScape...
High | Unreviewed | CVE-2023-30638 was published Apr 14, 2023
An issue was identified in GitLab CE/EE affecting all versions from 1.0 prior to 15.8.5, 15.9...
Critical | Unreviewed | CVE-2023-1708 was published Apr 5, 2023
A vulnerability has been found in the CPython `venv` module and CLI where path names provided...
Moderate | Unreviewed | CVE-2024-9287 was published Oct 22, 2024
A vulnerability has been identified in RUGGEDCOM RM1224 LTE(4G) EU (6GK6108-4AM00-2BA2) (All...
High | Unreviewed | CVE-2024-50572 was published Nov 12, 2024
D-Link Go-RT-AC750 revA_v101b03 was discovered to contain a command injection vulnerability via...
Critical | Unreviewed | CVE-2023-26822 was published Apr 2, 2023
A command injection vulnerability exists in the IOCTL that manages OTA updates. A specially...
High | Unreviewed | CVE-2023-6321 was published May 15, 2024
The Platform component of Mitel OpenScape 4000 and OpenScape 4000 Manager V11 R0.22.0 through V11...
High | Unreviewed | CVE-2025-23094 was published Feb 6, 2025
In Progress® Telerik® UI for WinUI versions prior to 2025 Q1 (3.0.0), a command injection attack...
High | Unreviewed | CVE-2024-12251 was published Feb 12, 2025
webservice in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Manager Platform 10 R1 before...
Critical | Unreviewed | CVE-2023-29473 was published Apr 7, 2023
inventory in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Manager Platform 10 R1 before...
Critical | Unreviewed | CVE-2023-29474 was published Apr 7, 2023
inventory in Atos Unify OpenScape 4000 Platform and OpenScape 4000 Manager Platform 10 R1 before...
Critical | Unreviewed | CVE-2023-29475 was published Apr 7, 2023
A vulnerability classified as critical was found in olajowon Loggrove up to...
Moderate | Unreviewed | CVE-2025-1229 was published Feb 13, 2025
An issue in Team Amaze Amaze File Manager v.3.8.5 and fixed in v.3.10 allows a local attacker to...
Moderate | Unreviewed | CVE-2024-33469 was published Feb 12, 2025
Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by a command injection...
High | Unreviewed | CVE-2023-2574 was published May 8, 2023
Advantech EKI-1524, EKI-1522, EKI-1521 devices through 1.21 are affected by a command injection...
High | Unreviewed | CVE-2023-2573 was published May 8, 2023
An OS command injection vulnerability has been reported to affect several QNAP operating system...
Moderate | Unreviewed | CVE-2023-47218 was published Feb 13, 2024
Composer has multiple command injections via malicious git/hg branch names
High | CVE-2024-35242 was published for composer/composer (Composer) Jun 10, 2024
Apache Spark UI vulnerable to Command Injection
High | CVE-2023-32007 was published for org.apache.spark:spark-parent_2.12 (Maven) May 2, 2023
Composer has a command injection via malicious git branch name
High | CVE-2024-35241 was published for composer/composer (Composer) Jun 10, 2024
Apache HugeGraph-Server: Command execution in gremlin
Critical | CVE-2024-27348 was published for org.apache.hugegraph:hugegraph-api (Maven) Apr 22, 2024
Apache StreamPark: Unchecked maven build params could trigger remote command execution
Moderate | CVE-2023-52291 was published for org.apache.streampark:streampark (Maven) Jul 17, 2024
ProTip! Advisories are also available from the GraphQL API.