Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,885
Erlang
37
GitHub Actions
38
Go
2,546
Maven
5,000+
npm
4,208
NuGet
744
pip
3,985
Pub
12
RubyGems
950
Rust
1,034
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,232 advisories

Loading
Multiple OS command injection vulnerabilities exist in the swctrl functionality of Planet WGR-500... High Unreviewed
CVE-2025-54404 was published Oct 7, 2025
Multiple OS command injection vulnerabilities exist in the formPingCmd functionality of Planet... High Unreviewed
CVE-2025-54405 was published Oct 7, 2025
Multiple OS command injection vulnerabilities exist in the swctrl functionality of Planet WGR-500... High Unreviewed
CVE-2025-54403 was published Oct 7, 2025
Multiple OS command injection vulnerabilities exist in the formPingCmd functionality of Planet... High Unreviewed
CVE-2025-54406 was published Oct 7, 2025
OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F... High Unreviewed
CVE-2025-60959 was published Oct 6, 2025
OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F... High Unreviewed
CVE-2025-60960 was published Oct 6, 2025
OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F... High Unreviewed
CVE-2025-60963 was published Oct 6, 2025
OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F... High Unreviewed
CVE-2025-60962 was published Oct 6, 2025
IBM Security Verify Access and IBM Security Verify Access Docker 10.0.0.0 through 10.0.9.0 and 11... High Unreviewed
CVE-2025-36354 was published Oct 6, 2025
Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements... High Unreviewed
CVE-2025-36604 was published Aug 4, 2025
Firmware in KAON AR2140 routers prior to version 4.2.16 is vulnerable to a shell command... High Unreviewed
CVE-2024-3659 was published Aug 8, 2024
Smartwares cameras CIP-37210AT and C724IP, as well as others which share the same firmware in... High Unreviewed
CVE-2024-13892 was published Mar 6, 2025
Ericsson Indoor Connect 8855 contains a command injection vulnerability which if exploited can... High Unreviewed
CVE-2025-27262 was published Sep 25, 2025
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... High Unreviewed
CVE-2024-52058 was published Dec 13, 2024
GNU Bash through 4.3 bash43-026 does not properly parse function definitions in the values of... High Unreviewed
CVE-2014-6278 was published May 13, 2022
Meridian Technique Materialise OrthoView through 7.5.1 allows OS Command Injection when servlet... High Unreviewed
CVE-2025-23049 was published Jun 23, 2025
IBM InfoSphere 11.7.0.0 through 11.7.1.6 Information Server could allow an authenticated user to... High Unreviewed
CVE-2025-36245 was published Sep 30, 2025
Argument injection vulnerability in SonarQube Scan Action High
CVE-2025-59844 was published for SonarSource/sonarqube-scan-action (GitHub Actions) Sep 26, 2025
`git-comiters` Command Injection vulnerability High
CVE-2025-59831 was published for git-commiters (npm) Sep 22, 2025
lirantal
Multiple robotic products by Unitree sharing a common firmware, including the Go2, G1, H1, and B2... High Unreviewed
CVE-2025-35027 was published Sep 26, 2025
Unitree Go2, G1, H1, and B2 devices through 2025-09-20 allow root OS command injection via the... High Unreviewed
CVE-2025-60017 was published Sep 26, 2025
Claude Code vulnerable to arbitrary code execution caused by maliciously configured git email High
CVE-2025-59041 was published for @anthropic-ai/claude-code (npm) Sep 10, 2025
cai0duque
Nagios XI < 2026R1 is vulnerable to an authenticated command injection vulnerability within the... High Unreviewed
CVE-2025-34227 was published Sep 25, 2025
A command injection vulnerability has been reported to affect QHora. If exploited, the... High Unreviewed
CVE-2024-50390 was published Mar 7, 2025
An OS command injection vulnerability has been reported to affect several product versions. If... High Unreviewed
CVE-2024-48861 was published Nov 22, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database