GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
431 advisories
The CLI in Cisco Prime Collaboration 9.0 and 11.0 allows local users to execute arbitrary OS...
Moderate, Unreviewed: CVE-2016-1320 was published May 17, 2022
PC-EGG pWebManager before 3.3.10, and before 2.2.2 for PHP 4.x, allows remote authenticated users...
Moderate, Unreviewed: CVE-2015-7774 was published May 17, 2022
Infinite Automation Mango Automation 2.5.x and 2.6.x through 2.6.0 build 430 allows remote...
Moderate, Unreviewed: CVE-2015-7901 was published May 17, 2022
The Yodobashi application 1.2.1.0 and earlier for Android allows remote attackers to execute...
Moderate, Unreviewed: CVE-2015-2980 was published May 17, 2022
The CLI parser in Cisco NX-OS 4.1(2)E1(1), 6.2(11b), 6.2(12), 7.2(0)ZZ(99.1), 7.2(0)ZZ(99.3), and...
Moderate, Unreviewed: CVE-2015-4237 was published May 17, 2022
The WP-DBManager (aka Database Manager) plugin before 2.7.2 for WordPress allows remote...
Moderate, Unreviewed: CVE-2014-8334 was published May 14, 2022
A command injection vulnerability in the Palo Alto Networks Cortex XDR® Broker VM allows an...
Moderate, Unreviewed: CVE-2025-0119 was published Apr 11, 2025
Multiple argument injection vulnerabilities in Mozilla Firefox 2.0.0.5 and 3.0alpha allow remote...
Moderate, Unreviewed: CVE-2007-4041 was published May 1, 2022
A vulnerability in the file creation process on the command line interface of AOS-8 Instant and...
Moderate, Unreviewed: CVE-2025-27079 was published Apr 8, 2025
A vulnerability in a system binary of AOS-8 Instant and AOS-10 AP could allow an authenticated...
Moderate, Unreviewed: CVE-2025-27078 was published Apr 8, 2025
An improper neutralization of special elements used in an OS command ('OS Command Injection')...
Moderate, Unreviewed: CVE-2024-54025 was published Apr 8, 2025
Stored Cross-Site Scripting (XSS) in DoWISP in versions prior to 1.16.2.50, which consists of an...
Moderate, Unreviewed: CVE-2025-3189 was published Apr 4, 2025
A vulnerability was found in TOTOLINK X18 9.1.0cu.2024_B20220329. It has been declared as...
Moderate, Unreviewed: CVE-2025-1829 was published Mar 2, 2025
A vulnerability classified as critical has been found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316....
Moderate, Unreviewed: CVE-2025-2095 was published Mar 8, 2025
A vulnerability was found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. It has been rated as...
Moderate, Unreviewed: CVE-2025-2094 was published Mar 8, 2025
A vulnerability classified as critical was found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. This...
Moderate, Unreviewed: CVE-2025-2096 was published Mar 8, 2025
Drupal AI Vulnerable to OS Command Injection via Optional Automator Types
Moderate: CVE-2025-31692 was published for drupal/ai (Composer) Apr 1, 2025
In cmd services, there is an OS command injection issue due to missing permission check. This...
Moderate, Unreviewed: CVE-2022-47339 was published Feb 12, 2023
An issue was discovered on NRadio N8-180 NROS-1.9.2.n3.c5 devices. The /cgi-bin/luci/nradio/basic...
Moderate, Unreviewed: CVE-2024-53942 was published Feb 3, 2025
pgAdmin failed to properly control the server code
Moderate: CVE-2023-5002 was published for pgadmin4 (pip) Sep 22, 2023
A vulnerability in the web-based management interface of HPE Aruba Networking ClearPass Policy...
Moderate, Unreviewed: CVE-2025-25039 was published Feb 4, 2025
Multiple TP-LINK products allow a network-adjacent attacker with an administrative privilege to...
Moderate, Unreviewed: CVE-2024-38471 was published Jul 4, 2024
Multiple improper neutralization of special elements used in an os command ('os command injection...
Moderate, Unreviewed: CVE-2024-32123 was published Mar 11, 2025
A command injection vulnerability has been reported to affect several QNAP operating system...
Moderate, Unreviewed: CVE-2024-53692 was published Mar 7, 2025
t0mer BroadlinkManager v5.9.1 was discovered to contain an OS command injection vulnerability via...
Moderate, Unreviewed: CVE-2025-26320 was published Mar 4, 2025