Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,908
Erlang
39
GitHub Actions
38
Go
2,568
Maven
5,000+
npm
4,240
NuGet
754
pip
4,004
Pub
12
RubyGems
953
Rust
1,042
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,246 advisories

Loading
IBM Security Verify Access and IBM Security Verify Access Docker 10.0.0.0 through 10.0.9.0 and 11... High Unreviewed
CVE-2025-36354 was published Oct 6, 2025
Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements... High Unreviewed
CVE-2025-36604 was published Aug 4, 2025
Firmware in KAON AR2140 routers prior to version 4.2.16 is vulnerable to a shell command... High Unreviewed
CVE-2024-3659 was published Aug 8, 2024
Smartwares cameras CIP-37210AT and C724IP, as well as others which share the same firmware in... High Unreviewed
CVE-2024-13892 was published Mar 6, 2025
Ericsson Indoor Connect 8855 contains a command injection vulnerability which if exploited can... High Unreviewed
CVE-2025-27262 was published Sep 25, 2025
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... High Unreviewed
CVE-2024-52058 was published Dec 13, 2024
GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of... High Unreviewed
CVE-2014-6278 was published May 13, 2022
Meridian Technique Materialise OrthoView through 7.5.1 allows OS Command Injection when servlet... High Unreviewed
CVE-2025-23049 was published Jun 23, 2025
IBM InfoSphere 11.7.0.0 through 11.7.1.6 Information Server could allow an authenticated user to... High Unreviewed
CVE-2025-36245 was published Sep 30, 2025
Argument injection vulnerability in SonarQube Scan Action High
CVE-2025-59844 was published for SonarSource/sonarqube-scan-action (GitHub Actions) Sep 26, 2025
Multiple robotic products by Unitree sharing a common firmware, including the Go2, G1, H1, and B2... High Unreviewed
CVE-2025-35027 was published Sep 26, 2025
Unitree Go2, G1, H1, and B2 devices through 2025-09-20 allow root OS command injection via the... High Unreviewed
CVE-2025-60017 was published Sep 26, 2025
Claude Code vulnerable to arbitrary code execution caused by maliciously configured git email High
CVE-2025-59041 was published for @anthropic-ai/claude-code (npm) Sep 10, 2025
cai0duque
Credited to cai0duque
A command injection vulnerability has been reported to affect QHora. If exploited, the... High Unreviewed
CVE-2024-50390 was published Mar 7, 2025
An OS command injection vulnerability has been reported to affect several product versions. If... High Unreviewed
CVE-2024-48861 was published Nov 22, 2024
A command injection vulnerability has been reported to affect QuRouter 2.5.1. If a remote... High Unreviewed
CVE-2025-29887 was published Aug 29, 2025
An authenticated OS command injection vulnerability exists in Netgear routers (tested on the... High Unreviewed
CVE-2013-10061 was published Aug 1, 2025
An authenticated OS command injection vulnerability exists in various D-Link routers (tested on... High Unreviewed
CVE-2013-10059 was published Aug 1, 2025
An OS command injection vulnerability exists in multiple D-Link routers—confirmed on DIR-300 rev... High Unreviewed
CVE-2013-10050 was published Aug 1, 2025
A command injection vulnerability has been reported to affect several QNAP operating system... High Unreviewed
CVE-2024-50393 was published Dec 6, 2024
An OS command injection vulnerability has been discovered in the Vitogate 300, which can be... High Unreviewed
CVE-2025-9494 was published Sep 23, 2025
OctoPrint is Vulnerable to RCE Attacks via Unsanitized Filename in File Upload High
CVE-2025-58180 was published for octoprint (pip) Sep 9, 2025
prabhatverma47
Credited to prabhatverma47
A vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN Gateways Command Line... High Unreviewed
CVE-2025-37126 was published Sep 17, 2025
In LemonLDAP::NG before 2.16.7 and 2.17 through 2.21 before 2.21.3, OS command injection can... High Unreviewed
CVE-2025-59518 was published Sep 17, 2025
The N-Reporter, N-Cloud, and N-Probe developed by N-Partner has an OS Command Injection... High Unreviewed
CVE-2025-10589 was published Sep 17, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database