Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,890
Erlang
37
GitHub Actions
38
Go
2,546
Maven
5,000+
npm
4,217
NuGet
745
pip
3,994
Pub
12
RubyGems
950
Rust
1,038
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,062 advisories

Loading
AVTECH devices that include the CloudSetup.cgi management endpoint are vulnerable to... High Unreviewed
CVE-2016-15047 was published Oct 9, 2025
In Flowmon versions prior to 12.5.5, a vulnerability has been identified that allows a user with... High Unreviewed
CVE-2025-10239 was published Oct 9, 2025
An OS Command Injection vulnerability in the Admin panel in Curo UC300 5.42.1.7.1.63R1 allows... High Unreviewed
CVE-2025-57457 was published Oct 8, 2025
Multiple OS command injection vulnerabilities exist in the swctrl functionality of Planet WGR-500... High Unreviewed
CVE-2025-54404 was published Oct 7, 2025
Multiple OS command injection vulnerabilities exist in the formPingCmd functionality of Planet... High Unreviewed
CVE-2025-54405 was published Oct 7, 2025
Multiple OS command injection vulnerabilities exist in the swctrl functionality of Planet WGR-500... High Unreviewed
CVE-2025-54403 was published Oct 7, 2025
Multiple OS command injection vulnerabilities exist in the formPingCmd functionality of Planet... High Unreviewed
CVE-2025-54406 was published Oct 7, 2025
OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F... High Unreviewed
CVE-2025-60963 was published Oct 6, 2025
OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F... High Unreviewed
CVE-2025-60959 was published Oct 6, 2025
OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F... High Unreviewed
CVE-2025-60960 was published Oct 6, 2025
OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F... High Unreviewed
CVE-2025-60962 was published Oct 6, 2025
IBM Security Verify Access and IBM Security Verify Access Docker 10.0.0.0 through 10.0.9.0 and 11... High Unreviewed
CVE-2025-36354 was published Oct 6, 2025
Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements... High Unreviewed
CVE-2025-36604 was published Aug 4, 2025
Firmware in KAON AR2140 routers prior to version 4.2.16 is vulnerable to a shell command... High Unreviewed
CVE-2024-3659 was published Aug 8, 2024
Smartwares cameras CIP-37210AT and C724IP, as well as others which share the same firmware in... High Unreviewed
CVE-2024-13892 was published Mar 6, 2025
Ericsson Indoor Connect 8855 contains a command injection vulnerability which if exploited can... High Unreviewed
CVE-2025-27262 was published Sep 25, 2025
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... High Unreviewed
CVE-2024-52058 was published Dec 13, 2024
GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of... High Unreviewed
CVE-2014-6278 was published May 13, 2022
Meridian Technique Materialise OrthoView through 7.5.1 allows OS Command Injection when servlet... High Unreviewed
CVE-2025-23049 was published Jun 23, 2025
IBM InfoSphere 11.7.0.0 through 11.7.1.6 Information Server could allow an authenticated user to... High Unreviewed
CVE-2025-36245 was published Sep 30, 2025
Multiple robotic products by Unitree sharing a common firmware, including the Go2, G1, H1, and B2... High Unreviewed
CVE-2025-35027 was published Sep 26, 2025
Unitree Go2, G1, H1, and B2 devices through 2025-09-20 allow root OS command injection via the... High Unreviewed
CVE-2025-60017 was published Sep 26, 2025
Nagios XI < 2026R1 is vulnerable to an authenticated command injection vulnerability within the... High Unreviewed
CVE-2025-34227 was published Sep 25, 2025
A command injection vulnerability has been reported to affect QHora. If exploited, the... High Unreviewed
CVE-2024-50390 was published Mar 7, 2025
An OS command injection vulnerability has been reported to affect several product versions. If... High Unreviewed
CVE-2024-48861 was published Nov 22, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database