GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,968
Erlang: 39
GitHub Actions: 38
Go: 2,616
Maven: 5,000+
npm: 4,255
NuGet: 760
pip: 4,040
Pub: 12
RubyGems: 953
Rust: 1,050
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,071 advisories
                    
In addition to the c_rehash shell command injection identified in CVE-2022-1292, further...
Critical | Unreviewed | CVE-2022-2068 was published Jun 22, 2022

In RUCKUS SmartZone (SZ) before 6.1.2p3 Refresh Build, OS command injection can occur via an IP...
Critical | Unreviewed | CVE-2025-44961 was published Aug 4, 2025

CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'...
Critical | Unreviewed | CVE-2025-50121 was published Jul 11, 2025

org-babel-execute:latex in ob-latex.el in Org Mode through 9.6.1 for GNU Emacs allows attackers...
Critical | Unreviewed | CVE-2023-28617 was published Mar 19, 2023

The Metro Development Server, which is opened by the React Native CLI, binds to external...
Critical | Unreviewed | CVE-2025-11953 was published Nov 3, 2025

Nagios XI versions prior to 2024R1.2 are vulnerable to remote code execution (RCE) through its...
Critical | Unreviewed | CVE-2024-14003 was published Oct 31, 2025

Nagios XI versions prior to 2024R1.2 contain a command injection vulnerability in the Docker...
Critical | Unreviewed | CVE-2024-14005 was published Oct 31, 2025

Nagios XI versions prior to 2024R2 contain a command injection vulnerability in the WinRM plugin....
Critical | Unreviewed | CVE-2025-34284 was published Oct 31, 2025

Nagios XI versions prior to 2024R1.3.2 contain a remote command execution vulnerability in the...
Critical | Unreviewed | CVE-2024-14008 was published Oct 31, 2025

Nagios XI versions prior to 2024R1.4.2 contain a remote code execution vulnerability in the...
Critical | Unreviewed | CVE-2025-34134 was published Oct 31, 2025

Nagios XI versions prior to 2026R1 contain a remote code execution vulnerability in the Core...
Critical | Unreviewed | CVE-2025-34286 was published Oct 31, 2025

Nagios XI versions prior to 5.6.14 contain an authenticated remote command execution...
Critical | Unreviewed | CVE-2020-36856 was published Oct 31, 2025

D-Link DNS-343 ShareCenter devices running firmware versions up to and including 1.05 contain a...
Critical | Unreviewed | CVE-2018-25120 was published Oct 29, 2025

win-cli-mcp-server resolveCommandPath Command Injection Remote Code Execution Vulnerability. This...
Critical | Unreviewed | CVE-2025-11202 was published Oct 29, 2025

Antabot White-Jotter up to commit 9bcadc was discovered to contain an unauthenticated remote code...
Critical | Unreviewed | CVE-2025-60803 was published Oct 24, 2025

A command injection vulnerability may be exploited after the admin's authentication on the web...
Critical | Unreviewed | CVE-2025-7850 was published Oct 21, 2025

An arbitrary OS command may be executed on the product by a remote unauthenticated attacker.
Critical | Unreviewed | CVE-2025-6542 was published Oct 21, 2025

Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain an OS command injection...
Critical | Unreviewed | CVE-2025-34513 was published Oct 16, 2025

AMTT Hotel Broadband Operation System (HiBOS) contains an unauthenticated command injection...
Critical | Unreviewed | CVE-2016-15048 was published Oct 22, 2025

GNU Bash through 4.3 processes trailing strings after function definitions in the values of...
Critical | Unreviewed | CVE-2014-6271 was published May 13, 2022

An OS command injection vulnerability in Palo Alto Networks Expedition allows an unauthenticated...
Critical | Unreviewed | CVE-2024-9463 was published Oct 9, 2024

An issue was discovered in Aviatrix Controller before 7.1.4191 and 7.2.x before 7.2.4996. Due to...
Critical | Unreviewed | CVE-2024-50603 was published Jan 8, 2025

Certain EOL GeoVision devices have an OS Command Injection vulnerability. Unauthenticated remote...
Critical | Unreviewed | CVE-2024-11120 was published Nov 15, 2024

Certain EOL GeoVision devices fail to properly filter user input for the specific functionality....
Critical | Unreviewed | CVE-2024-6047 was published Jun 17, 2024

In PHP versions 8.1.* before 8.1.29, 8.2.* before 8.2.20, 8.3.* before 8.3.8, when using Apache...
Critical | Unreviewed | CVE-2024-4577 was published Jun 9, 2024
        