GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,497
Composer 4,963
Erlang 39
GitHub Actions 38
Go 2,615
Maven 6,096
npm 4,255
NuGet 760
pip 4,036
Pub 12
RubyGems 953
Rust 1,049
Swift 45

Unreviewed advisories

All unreviewed 275,673

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

1,261 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Nagios XI versions prior to 2024R2 contain a command injection vulnerability in the WinRM plugin.... Critical Unreviewed

CVE-2025-34284 was published Oct 31, 2025

Nagios XI versions prior to 2026R1 contain a remote code execution vulnerability in the Core... Critical Unreviewed

CVE-2025-34286 was published Oct 31, 2025

Nagios XI versions prior to 2024R1.2 are vulnerable to remote code execution (RCE) through its... Critical Unreviewed

CVE-2024-14003 was published Oct 31, 2025

Nagios XI versions prior to 2024R1.2 contain a command injection vulnerability in the Docker... Critical Unreviewed

CVE-2024-14005 was published Oct 31, 2025

Nagios XI versions prior to 2024R1.3.2 contain a remote command execution vulnerability in the... Critical Unreviewed

CVE-2024-14008 was published Oct 31, 2025

Nagios XI versions prior to 2024R1.4.2 contain a remote code execution vulnerability in the... Critical Unreviewed

CVE-2025-34134 was published Oct 31, 2025

Nagios XI versions prior to 5.6.14 contain an authenticated remote command execution... Critical Unreviewed

CVE-2020-36856 was published Oct 31, 2025

D-Link DNS-343 ShareCenter devices running firmware versions up to and including 1.05 contain a... Critical Unreviewed

CVE-2018-25120 was published Oct 29, 2025

win-cli-mcp-server resolveCommandPath Command Injection Remote Code Execution Vulnerability. This... Critical Unreviewed

CVE-2025-11202 was published Oct 29, 2025

Antabot White-Jotter up to commit 9bcadc was discovered to contain an unauthenticated remote code... Critical Unreviewed

CVE-2025-60803 was published Oct 24, 2025

AMTT Hotel Broadband Operation System (HiBOS) contains an unauthenticated command injection... Critical Unreviewed

CVE-2016-15048 was published Oct 22, 2025

NeuVector Enforcer is vulnerable to Command Injection and Buffer overflow Critical

CVE-2025-54469 was published for github.com/neuvector/neuvector (Go) Oct 21, 2025

A command injection vulnerability may be exploited after the admin's authentication on the web... Critical Unreviewed

CVE-2025-7850 was published Oct 21, 2025

An arbitrary OS command may be executed on the product by a remote unauthenticated attacker. Critical Unreviewed

CVE-2025-6542 was published Oct 21, 2025

GeoVision embedded IP devices, confirmed on GV-BX1500 and GV-MFD1501, contain a remote command... Critical Unreviewed

CVE-2018-25118 was published Oct 21, 2025

The iSherlock developed by HGiga has an OS Command Injection vulnerability, allowing... Critical Unreviewed

CVE-2025-11900 was published Oct 17, 2025

Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain an OS command injection... Critical Unreviewed

CVE-2025-34513 was published Oct 16, 2025

Ruijie RG-UAC Application Management Gateway contains a command injection vulnerability via the ... Critical Unreviewed

CVE-2023-7304 was published Oct 15, 2025

BYTEVALUE Intelligent Flow Control Router contains a command injection vulnerability via the ... Critical Unreviewed

CVE-2023-7311 was published Oct 15, 2025

An OS Command Injection vulnerability affecting Station Launcher App in 3DEXPERIENCE platform... Critical Unreviewed

CVE-2025-9976 was published Oct 13, 2025

OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F... Critical Unreviewed

CVE-2025-60964 was published Oct 6, 2025

OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F... Critical Unreviewed

CVE-2025-60965 was published Oct 6, 2025

OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F... Critical Unreviewed

CVE-2025-60957 was published Oct 6, 2025

Operating system command injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability... Critical Unreviewed

CVE-2025-59740 was published Oct 2, 2025

Operating system command injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability... Critical Unreviewed

CVE-2025-59739 was published Oct 2, 2025

Previous1…51 Next

Previous 1 2 3 4 5 … 50 51 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,261 advisories