Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,350
Erlang
31
GitHub Actions
22
Go
2,119
Maven
5,000+
npm
3,778
NuGet
680
pip
3,459
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

2,441 advisories

Loading
Honeywell OneWireless Wireless Device Manager (WDM) for the following versions R310.x, R320.x,... Critical Unreviewed
CVE-2023-5878 was published Feb 6, 2025
When running in Appliance mode, an authenticated remote command injection vulnerability exists in... High Unreviewed
CVE-2025-23239 was published Feb 5, 2025
eladmin <=2.7 is vulnerable to CSV Injection in the exception log download module. Critical Unreviewed
CVE-2025-22978 was published Feb 3, 2025
EasyVirt DCScope 8.6.0 and earlier and co2Scope 1.3.0 and earlier are vulnerable to Command... Critical Unreviewed
CVE-2024-55062 was published Feb 1, 2025
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected... High Unreviewed
CVE-2024-23971 was published Jan 31, 2025
files.photo.gallery command injection Moderate
CVE-2024-53615 was published for files.photo.gallery (npm) Jan 30, 2025
The specific component in Celk Saude 3.1.252.1 that processes user input and returns error... Critical Unreviewed
CVE-2024-48761 was published Jan 30, 2025
A vulnerability was found in MicroWorld eScan Antivirus 7.0.32 on Linux. It has been rated as... Critical Unreviewed
CVE-2025-0798 was published Jan 29, 2025
A privacy issue was addressed with improved handling of files. This issue is fixed in macOS... High Unreviewed
CVE-2025-24150 was published Jan 28, 2025
Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06 suffers from Command Injection issues in ... High Unreviewed
CVE-2024-48419 was published Jan 27, 2025
TRENDnet TEW-632BRP v1.010B31 devices have an OS command injection vulnerability in the CGl... Critical Unreviewed
CVE-2024-57590 was published Jan 27, 2025
ECOVACS robot lawnmowers and vacuums are vulnerable to command injection via SetNetPin() over an... Moderate Unreviewed
CVE-2024-52325 was published Jan 23, 2025
A code injection vulnerability exists in the Ambari Alert Definition feature, allowing... High Unreviewed
CVE-2025-23196 was published Jan 22, 2025
Linksys E8450 v1.2.00.360516 was discovered to contain a command injection vulnerability via... High Unreviewed
CVE-2024-57536 was published Jan 21, 2025
Linksys E8450 v1.2.00.360516 was discovered to contain a command injection vulnerability via... High Unreviewed
CVE-2024-57539 was published Jan 21, 2025
The script input feature of SpagoBI 3.5.1 allows arbitrary code execution. Critical Unreviewed
CVE-2024-54794 was published Jan 21, 2025
TOTOLINK A810R V4.1.2cu.5032_B20200407 was found to contain a command insertion vulnerability in... High Unreviewed
CVE-2024-57036 was published Jan 21, 2025
Multiple bash files were present in the application's private directory. Bash files can be used... Low Unreviewed
CVE-2024-54681 was published Jan 17, 2025
A JNDI injection issue was discovered in Cloudera JDBC Connector for Hive before 2.6.26 and JDBC... High Unreviewed
CVE-2024-54660 was published Jan 17, 2025
Tenda AC18 V15.03.05.19 was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2024-57583 was published Jan 16, 2025
Authenticated command injection vulnerability in the command line interface of a network... High Unreviewed
CVE-2025-23052 was published Jan 14, 2025
Multiple OS command injection vulnerabilities exist in the adm.cgi sch_reboot() functionality of... Critical Unreviewed
CVE-2024-39783 was published Jan 14, 2025
Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing()... Critical Unreviewed
CVE-2024-39764 was published Jan 14, 2025
Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing()... Critical Unreviewed
CVE-2024-39763 was published Jan 14, 2025
Multiple OS command injection vulnerabilities exist in the login.cgi set_sys_init() functionality... Critical Unreviewed
CVE-2024-39760 was published Jan 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database