Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,963
Erlang
39
GitHub Actions
38
Go
2,615
Maven
5,000+
npm
4,255
NuGet
760
pip
4,036
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,268 advisories

Loading
filebrowser Allows Shell Commands to Spawn Other Commands High
CVE-2025-52903 was published for github.com/filebrowser/filebrowser (Go) Jun 27, 2025
mtausig hacdias
Credited to mtausig and hacdias
Improper Neutralization of Special Elements in the Netflow directory field may allow OS command... High Unreviewed
CVE-2025-5306 was published Jun 27, 2025
A vulnerability, which was classified as critical, was found in Wifi-soft UniBox Controller up to... High Unreviewed
CVE-2025-6104 was published Jun 16, 2025
A vulnerability, which was classified as critical, has been found in Wifi-soft UniBox Controller... High Unreviewed
CVE-2025-6103 was published Jun 16, 2025
A vulnerability classified as critical was found in Wifi-soft UniBox Controller up to 20250506.... High Unreviewed
CVE-2025-6102 was published Jun 16, 2025
Improper neutralization of special elements used in a command ('command injection') in Visual... High Unreviewed
CVE-2025-47959 was published Jun 13, 2025
A command injection vulnerability in Palo Alto Networks PAN-OS® enables an authenticated... High Unreviewed
CVE-2025-4231 was published Jun 13, 2025
'.../...//' in Microsoft Office Outlook allows an authorized attacker to execute code locally. High Unreviewed
CVE-2025-47176 was published Jun 10, 2025
Improper Neutralization of Special Elements in the chromium_path variable may allow OS command... High Unreviewed
CVE-2025-4678 was published Jun 10, 2025
Improper Neutralization of Special Elements in the backup name field may allow OS command... High Unreviewed
CVE-2025-4653 was published Jun 10, 2025
A command injection vulnerability has been reported to affect several QNAP operating system... High Unreviewed
CVE-2025-22481 was published Jun 6, 2025
A command injection remote code execution vulnerability exists in HPE StoreOnce Software. High Unreviewed
CVE-2025-37096 was published Jun 2, 2025
A command injection remote code execution vulnerability exists in HPE StoreOnce Software. High Unreviewed
CVE-2025-37089 was published Jun 2, 2025
A command injection remote code execution vulnerability exists in HPE StoreOnce Software. High Unreviewed
CVE-2025-37092 was published Jun 2, 2025
A command injection remote code execution vulnerability exists in HPE StoreOnce Software. High Unreviewed
CVE-2025-37091 was published Jun 2, 2025
The Diviotec professional series exposes a web interface. One endpoint is vulnerable to arbitrary... High Unreviewed
CVE-2025-5113 was published Jun 2, 2025
The Netcom NTC 6200 and NWL 222 series expose a web interface to be configured and set up by... High Unreviewed
CVE-2025-4010 was published Jun 2, 2025
A vulnerability classified as critical was found in FLIR AX8 up to 1.46.16. This vulnerability... High Unreviewed
CVE-2025-5126 was published May 24, 2025
An issue was discovered in Infoblox NETMRI before 7.6.1. Remote Unauthenticated Command Injection... High Unreviewed
CVE-2025-32813 was published May 22, 2025
Multiple Code Injection vulnerabilities in EasyVirt DC NetScope <= 8.7.0 allows remote... High Unreviewed
CVE-2024-55063 was published May 19, 2025
Improper neutralization of special elements used in a command ('command injection') in Visual... High Unreviewed
CVE-2025-32702 was published May 13, 2025
IBM Storage Scale 5.2.2.0 and 5.2.2.1, under certain configurations, could allow an authenticated... High Unreviewed
CVE-2025-1137 was published May 10, 2025
When running in Appliance mode, a command injection vulnerability exists in an undisclosed... High Unreviewed
CVE-2025-31644 was published May 8, 2025
A vulnerability classified as critical has been found in D-Link DIR-600L up to 2.07B01. This... High Unreviewed
CVE-2025-4349 was published May 6, 2025
A vulnerability classified as critical was found in D-Link DIR-600L up to 2.07B01. This... High Unreviewed
CVE-2025-4350 was published May 6, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database