Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,300
Erlang
31
GitHub Actions
21
Go
2,069
Maven
5,000+
npm
3,744
NuGet
668
pip
3,429
Pub
12
RubyGems
892
Rust
880
Swift
36
Unreviewed advisories
All unreviewed
5,000+

3,353 advisories

Loading
An OS command injection vulnerability in Palo Alto Networks Expedition enables an authenticated... Moderate Unreviewed
CVE-2025-0107 was published Jan 11, 2025
An OS Command Injection vulnerability was found in /landrecordsys/admin/dashboard.php in... Critical Unreviewed
CVE-2024-57687 was published Jan 10, 2025
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability... Critical Unreviewed
CVE-2024-43653 was published Jan 9, 2025
Authenticated command injection in the filename of a <redacted>.exe request leads to remote code... Critical Unreviewed
CVE-2024-43649 was published Jan 9, 2025
Command injection in the <redacted> parameter of a <redacted>.exe request leads to remote code... Critical Unreviewed
CVE-2024-43648 was published Jan 9, 2025
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability... Critical Unreviewed
CVE-2024-43654 was published Jan 9, 2025
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability... Critical Unreviewed
CVE-2024-43652 was published Jan 9, 2025
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability... Critical Unreviewed
CVE-2024-43655 was published Jan 9, 2025
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability... Critical Unreviewed
CVE-2024-43650 was published Jan 9, 2025
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability... Critical Unreviewed
CVE-2024-43651 was published Jan 9, 2025
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability... Critical Unreviewed
CVE-2024-43656 was published Jan 9, 2025
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability... Critical Unreviewed
CVE-2024-43657 was published Jan 9, 2025
An issue was discovered in Aviatrix Controller before 7.1.4191 and 7.2.x before 7.2.4996. Due to... Critical Unreviewed
CVE-2024-50603 was published Jan 8, 2025
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... Low Unreviewed
CVE-2024-12970 was published Jan 6, 2025
A vulnerability was found in Roxy-WI up to 8.1.3. It has been declared as critical. Affected by... High Unreviewed
CVE-2024-13129 was published Jan 4, 2025
Moxa’s cellular routers, secure routers, and network security appliances are affected by a... Critical Unreviewed
CVE-2024-9140 was published Jan 3, 2025
Webmin CGI Command Injection Remote Code Execution Vulnerability. This vulnerability allows... Critical Unreviewed
CVE-2024-12828 was published Dec 30, 2024
IBM WebSphere Automation 1.7.5 could allow a remote privileged user, who has authorized access to... High Unreviewed
CVE-2024-54181 was published Dec 30, 2024
Tiki Wiki CMS – CWE-80: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic... Moderate Unreviewed
CVE-2024-47918 was published Dec 30, 2024
Tiki Wiki CMS – CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS... Critical Unreviewed
CVE-2024-47919 was published Dec 30, 2024
The Four-Faith router models F3x24 and F3x36 are affected by an operating system (OS) command... High Unreviewed
CVE-2024-12856 was published Dec 27, 2024
home 5G HR02 and Wi-Fi STATION SH-54C contain an OS command injection vulnerability in the... High Unreviewed
CVE-2024-54082 was published Dec 23, 2024
home 5G HR02, Wi-Fi STATION SH-52B, and Wi-Fi STATION SH-54C contain an OS command injection... High Unreviewed
CVE-2024-45721 was published Dec 23, 2024
A command injection is possible through the user interface, allowing arbitrary command execution... High Unreviewed
CVE-2020-13712 was published Dec 21, 2024
GoCast OS Command Injection vulnerability Critical
CVE-2024-28892 was published for github.com/mayuresh82/gocast (Go) Dec 20, 2024
Malayke
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database