GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,594
Composer 4,463
Erlang 33
GitHub Actions 22
Go 2,161
Maven 5,346
npm 3,821
NuGet 696
pip 3,502
Pub 12
RubyGems 909
Rust 904
Swift 38

Unreviewed advisories

All unreviewed 247,575

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,883 advisories

Filter by severity

Sort by

Least recently updated

A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker... High Unreviewed

CVE-2025-20138 was published Mar 12, 2025

An improper neutralization of special elements used in an OS Command vulnerability [CWE-78] in... High Unreviewed

CVE-2024-52961 was published Mar 11, 2025

Multiple improper neutralization of special elements used in an OS command ('OS Command Injection... High Unreviewed

CVE-2024-55590 was published Mar 11, 2025

Multiple improper neutralization of special elements used in an OS Command vulnerabilities [CWE... High Unreviewed

CVE-2024-54018 was published Mar 11, 2025

The authenticated SCU firmware command of the firmware for Mennekes Smart / Premium... High Unreviewed

CVE-2025-22368 was published Mar 11, 2025

The authenticated firmware update capability of the firmware for Mennekes Smart / Premium... High Unreviewed

CVE-2025-22366 was published Mar 11, 2025

The authenticated time setting capability of the firmware for Mennekes Smart / Premium... High Unreviewed

CVE-2025-22367 was published Mar 11, 2025

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0... High Unreviewed

CVE-2025-27394 was published Mar 11, 2025

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0... High Unreviewed

CVE-2025-27392 was published Mar 11, 2025

A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0... High Unreviewed

CVE-2025-27393 was published Mar 11, 2025

A post-authentication command injection vulnerability in the "DNSServer” parameter of the... High Unreviewed

CVE-2024-11253 was published Mar 11, 2025

A post-authentication command injection vulnerability in the ”zyUtilMailSend” function of the... High Unreviewed

CVE-2024-12010 was published Mar 11, 2025

A post-authentication command injection vulnerability in the "ZyEE" function of the Zyxel EX5601... High Unreviewed

CVE-2024-12009 was published Mar 11, 2025

On Barracuda CloudGen WAN Private Edge Gateway devices before 8 webui-sdwan-1089-8.3.1-174141891,... High Unreviewed

CVE-2023-26213 was published Mar 4, 2023

A command injection vulnerability has been reported to affect QHora. If exploited, the... High Unreviewed

CVE-2024-50390 was published Mar 7, 2025

A vulnerability regarding improper neutralization of special elements used in an OS command ('OS... High Unreviewed

CVE-2024-39351 was published Mar 4, 2025

A vulnerability regarding improper neutralization of special elements used in an OS command ('OS... High Unreviewed

CVE-2023-47802 was published Mar 4, 2025

A flaw was found in the Emacs text editor. Improper handling of custom "man" URI schemes allows... High Unreviewed

CVE-2025-1244 was published Feb 12, 2025

A vulnerability in the web-based management interface of Cisco Small Business RV320 and RV325... High Unreviewed

CVE-2019-1652 was published May 13, 2022

Improper neutralization of special elements used in an OS command ('OS Command Injection') issue... High Unreviewed

CVE-2025-26856 was published Feb 20, 2025

An OS command injection vulnerability was discovered in D-Link DSL-3782 v1.01 via the public_type... High Unreviewed

CVE-2025-25895 was published Feb 19, 2025

An OS command injection vulnerability was discovered in D-Link DSL-3782 v1.01 via the samba_wg... High Unreviewed

CVE-2025-25894 was published Feb 19, 2025

An OS command injection vulnerability was discovered in D-Link DSL-3782 v1.01 via the inIP,... High Unreviewed

CVE-2025-25893 was published Feb 19, 2025

IBM DevOps Deploy 8.0 through 8.0.1.4, 8.1 through 8.1.0.0 / IBM UrbanCode Deploy 7.0 through 7.0... High Unreviewed

CVE-2024-55904 was published Feb 14, 2025

This vulnerability exists in ESDS Emagic Data Center Management Suit due to lack of input... High Unreviewed

CVE-2023-37569 was published Aug 8, 2023

Previous 1 2 3 4 5 … 75 76 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,883 advisories