Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,360
Erlang
33
GitHub Actions
22
Go
2,127
Maven
5,000+
npm
3,793
NuGet
683
pip
3,471
Pub
12
RubyGems
894
Rust
894
Swift
38
Unreviewed advisories
All unreviewed
5,000+

2,457 advisories

Loading
Implementation of the Simple Network Management Protocol (SNMP) operating on the Brocade 6547 ... High Unreviewed
CVE-2024-5461 was published Feb 15, 2025
The vulnerability may allow a remote low priviledged attacker to run arbitrary shell commands by... High Unreviewed
CVE-2025-0593 was published Feb 14, 2025
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability... Critical Unreviewed
CVE-2025-22630 was published Feb 14, 2025
A critical remote code execution (RCE) vulnerability exists in the web-based management interface... High Unreviewed
CVE-2025-22962 was published Feb 14, 2025
An attacker may inject commands via specially-crafted post requests. High Unreviewed
CVE-2025-24861 was published Feb 14, 2025
A vulnerability classified as critical was found in olajowon Loggrove up to... Moderate Unreviewed
CVE-2025-1229 was published Feb 13, 2025
In Progress® Telerik® UI for WinUI versions prior to 2025 Q1 (3.0.0), a command injection attack... High Unreviewed
CVE-2024-12251 was published Feb 12, 2025
An issue in Team Amaze Amaze File Manager v.3.8.5 and fixed in v.3.10 allows a local attacker to... Moderate Unreviewed
CVE-2024-33469 was published Feb 12, 2025
The Platform component of Mitel OpenScape 4000 and OpenScape 4000 Manager V11 R0.22.0 through V11... High Unreviewed
CVE-2025-23094 was published Feb 6, 2025
Honeywell OneWireless Wireless Device Manager (WDM) for the following versions R310.x, R320.x,... Critical Unreviewed
CVE-2023-5878 was published Feb 6, 2025
When running in Appliance mode, an authenticated remote command injection vulnerability exists in... High Unreviewed
CVE-2025-23239 was published Feb 5, 2025
eladmin <=2.7 is vulnerable to CSV Injection in the exception log download module. Critical Unreviewed
CVE-2025-22978 was published Feb 3, 2025
EasyVirt DCScope 8.6.0 and earlier and co2Scope 1.3.0 and earlier are vulnerable to Command... Critical Unreviewed
CVE-2024-55062 was published Feb 1, 2025
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected... High Unreviewed
CVE-2024-23971 was published Jan 31, 2025
files.photo.gallery command injection Moderate
CVE-2024-53615 was published for files.photo.gallery (npm) Jan 30, 2025
The specific component in Celk Saude 3.1.252.1 that processes user input and returns error... Critical Unreviewed
CVE-2024-48761 was published Jan 30, 2025
A vulnerability was found in MicroWorld eScan Antivirus 7.0.32 on Linux. It has been rated as... Critical Unreviewed
CVE-2025-0798 was published Jan 29, 2025
A privacy issue was addressed with improved handling of files. This issue is fixed in macOS... High Unreviewed
CVE-2025-24150 was published Jan 28, 2025
Network access can be used to execute arbitrary code with elevated privileges. This issue... Critical Unreviewed
CVE-2024-48841 was published Jan 27, 2025
Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06 suffers from Command Injection issues in ... High Unreviewed
CVE-2024-48419 was published Jan 27, 2025
TRENDnet TEW-632BRP v1.010B31 devices have an OS command injection vulnerability in the CGl... Critical Unreviewed
CVE-2024-57590 was published Jan 27, 2025
ECOVACS robot lawnmowers and vacuums are vulnerable to command injection via SetNetPin() over an... Moderate Unreviewed
CVE-2024-52325 was published Jan 23, 2025
A code injection vulnerability exists in the Ambari Alert Definition feature, allowing... High Unreviewed
CVE-2025-23196 was published Jan 22, 2025
Linksys E8450 v1.2.00.360516 was discovered to contain a command injection vulnerability via... High Unreviewed
CVE-2024-57536 was published Jan 21, 2025
Linksys E8450 v1.2.00.360516 was discovered to contain a command injection vulnerability via... High Unreviewed
CVE-2024-57539 was published Jan 21, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database