Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,963
Erlang
39
GitHub Actions
38
Go
2,615
Maven
5,000+
npm
4,255
NuGet
760
pip
4,036
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+

1,268 advisories

Loading
Lack of input validation/sanitization in the 'setLanCfg' API endpoint in httpd in the Tenda RX2... High Unreviewed
CVE-2025-46625 was published May 2, 2025
Codemers KLIMS 1.6.DEV allows Python code injection. A user can provide Python code as an input... High Unreviewed
CVE-2025-43948 was published Apr 22, 2025
Directory Traversal vulnerability in forkosh Mime Tex before v.1.77 allows an attacker to execute... High Unreviewed
CVE-2024-40445 was published Apr 22, 2025
In JetBrains Toolbox App before 2.6 command injection in SSH plugin was possible High Unreviewed
CVE-2025-43012 was published Apr 17, 2025
An issue in Oncord+ Android Infotainment Systems OS Android 12, Model Hardware TS17,Hardware part... High Unreviewed
CVE-2024-36842 was published Apr 15, 2025
Authenticated command injection vulnerabilities exist in the AOS-10 GW and AOS-8 Controller... High Unreviewed
CVE-2025-27083 was published Apr 8, 2025
A command injection vulnerability in D-Link DIR-823X 240126 and 240802 allows an authorized... High Unreviewed
CVE-2025-29635 was published Mar 25, 2025
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability via the pt... High Unreviewed
CVE-2025-29223 was published Mar 21, 2025
In Linksys E5600 V1.1.0.26, the \usr\share\lua\runtime.lua file contains a command injection... High Unreviewed
CVE-2025-29227 was published Mar 21, 2025
In Linksys E5600 V1.1.0.26, the \usr\share\lua\runtime.lua file contains a command injection... High Unreviewed
CVE-2025-29226 was published Mar 21, 2025
Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the... High Unreviewed
CVE-2025-29230 was published Mar 21, 2025
AutoGPT versions 0.3.4 and earlier are vulnerable to a Server-Side Template Injection (SSTI) that... High Unreviewed
CVE-2025-1040 was published Mar 20, 2025
A command injection vulnerability exists in the workflow-checker.yml workflow of significant... High Unreviewed
CVE-2024-8156 was published Mar 20, 2025
LiteLLM Vulnerable to Remote Code Execution (RCE) High
CVE-2024-6825 was published for litellm (pip) Mar 20, 2025
In the `manim` plugin of binary-husky/gpt_academic, versions prior to the fix, a vulnerability... High Unreviewed
CVE-2024-10954 was published Mar 20, 2025
Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an... High Unreviewed
CVE-2025-22472 was published Mar 17, 2025
Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an... High Unreviewed
CVE-2025-22473 was published Mar 17, 2025
Dell SmartFabric OS10 Software, version(s) 10.5.4.x, 10.5.5.x, 10.5.6.x, 10.6.0.x, contain(s) an... High Unreviewed
CVE-2024-48830 was published Mar 17, 2025
Improper Neutralization of Special Elements used in a Command vulnerability allows OS Command... High Unreviewed
CVE-2024-12992 was published Mar 17, 2025
Improper Neutralization of Special Elements used in a Command vulnerability allows OS Command... High Unreviewed
CVE-2024-12971 was published Mar 17, 2025
A improper neutralization of special elements used in a command ('command injection') in Fortinet... High Unreviewed
CVE-2024-46662 was published Mar 14, 2025
Improper neutralization of special elements used in a command ('command injection') in Azure Arc... High Unreviewed
CVE-2025-26627 was published Mar 11, 2025
Improper neutralization of special elements used in a command ('command injection') in Azure... High Unreviewed
CVE-2025-24049 was published Mar 11, 2025
Dell ThinOS 2411 and prior, contains an Improper Neutralization of Special Elements used in a... High Unreviewed
CVE-2025-26331 was published Mar 7, 2025
Smartwares cameras CIP-37210AT and C724IP, as well as others which share the same firmware in... High Unreviewed
CVE-2024-13892 was published Mar 6, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database