GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,904
Erlang
38
GitHub Actions
38
Go
2,566
Maven
5,000+
npm
4,237
NuGet
753
pip
4,001
Pub
12
RubyGems
953
Rust
1,042
Swift
45
Unreviewed advisories
All unreviewed
5,000+
2,246 advisories
Filter by severity
Multiple OS command injection vulnerabilities exist in the formPingCmd functionality of Planet...
High
Unreviewed
CVE-2025-54406
was published
Oct 7, 2025
Multiple OS command injection vulnerabilities exist in the swctrl functionality of Planet WGR-500...
High
Unreviewed
CVE-2025-54403
was published
Oct 7, 2025
Multiple OS command injection vulnerabilities exist in the formPingCmd functionality of Planet...
High
Unreviewed
CVE-2025-54405
was published
Oct 7, 2025
Multiple OS command injection vulnerabilities exist in the swctrl functionality of Planet WGR-500...
High
Unreviewed
CVE-2025-54404
was published
Oct 7, 2025
An OS Command Injection vulnerability in the Admin panel in Curo UC300 5.42.1.7.1.63R1 allows...
High
Unreviewed
CVE-2025-57457
was published
Oct 8, 2025
n8n: Execute Command Node Allows Authenticated Users to Run Arbitrary Commands on Host
High
GHSA-365g-vjw2-grx8
was published
for
n8n
(npm)
Oct 9, 2025
In Flowmon versions prior to 12.5.5, a vulnerability has been identified that allows a user with...
High
Unreviewed
CVE-2025-10239
was published
Oct 9, 2025
AVTECH devices that include the CloudSetup.cgi management endpoint are vulnerable to...
High
Unreviewed
CVE-2016-15047
was published
Oct 9, 2025
EMCLI contains a high severity vulnerability where improper neutralization of special elements...
High
Unreviewed
CVE-2025-0636
was published
Oct 13, 2025
OS command injection in the admin panel of Ivanti EPMM before version 12.6.0.2, 12.5.0.4, and 12...
High
Unreviewed
CVE-2025-10242
was published
Oct 14, 2025
OS command injection in the admin panel of Ivanti EPMM before version 12.6.0.2, 12.5.0.4, and 12...
High
Unreviewed
CVE-2025-10243
was published
Oct 14, 2025
Two improper neutralization of special elements used in an OS command ('OS Command Injection')...
High
Unreviewed
CVE-2025-47856
was published
Oct 14, 2025
OS command injection in the admin panel of Ivanti EPMM before version 12.6.0.2, 12.5.0.4, and 12...
High
Unreviewed
CVE-2025-10985
was published
Oct 14, 2025
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')...
High
Unreviewed
CVE-2025-5946
was published
Oct 14, 2025
An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')...
High
Unreviewed
CVE-2024-48891
was published
Oct 14, 2025
A user with specific node group editing permissions and a specially crafted class parameter could...
High
Unreviewed
CVE-2025-5459
was published
Jun 26, 2025
Nagios XI < 2026R1 is vulnerable to an authenticated command injection vulnerability within the...
High
Unreviewed
CVE-2025-34227
was published
Sep 25, 2025
When running in Appliance mode, a highly privileged authenticated attacker with access to SCP and...
High
Unreviewed
CVE-2025-53868
was published
Oct 15, 2025
Netty has SMTP Command Injection Vulnerability that Allows Email Forgery
High
CVE-2025-59419
was published
for
io.netty:netty-codec-smtp
(Maven)
Oct 15, 2025
Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain authenticated OS command injection...
High
Unreviewed
CVE-2025-34514
was published
Oct 16, 2025
`git-comiters` Command Injection vulnerability
High
CVE-2025-59831
was published
for
git-commiters
(npm)
Sep 22, 2025
ProTip!
Advisories are also available from the
GraphQL API