Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,731
Erlang
35
GitHub Actions
29
Go
2,308
Maven
5,000+
npm
3,949
NuGet
711
pip
3,727
Pub
12
RubyGems
920
Rust
964
Swift
38
Unreviewed advisories
All unreviewed
5,000+

427 advisories

Loading
The Backup Plus extension for TYPO3 (ns_backup) allows command injections Moderate
CVE-2025-48204 was published for nitsan/ns-backup (Composer) May 21, 2025
Several OS command injection vulnerabilities exist in the device firmware in the /var/salia/mqtt... Moderate Unreviewed
CVE-2025-27804 was published May 21, 2025
Insufficient input sanitization in ejson2env Moderate
CVE-2025-48069 was published for ejson2env (RubyGems) May 21, 2025
thepwagner alexhope61
rj-coleman Owen-Cummings
AAPanel v7.0.7 was discovered to contain an OS command injection vulnerability. Moderate Unreviewed
CVE-2024-42922 was published May 21, 2025
dbclient in Dropbear SSH before 2025.88 allows command injection via an untrusted hostname... Moderate Unreviewed
CVE-2025-47203 was published May 7, 2025
A vulnerability in the CLI of Cisco Catalyst SD-WAN Manager, formerly Cisco SD-WAN vManage, could... Moderate Unreviewed
CVE-2025-20213 was published May 7, 2025
A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an... Moderate Unreviewed
CVE-2025-20193 was published May 7, 2025
A vulnerability in the web-based management interface of Cisco IOS XE Software could allow an... Moderate Unreviewed
CVE-2025-20194 was published May 7, 2025
SEPPmail through 12.1.17 allows command injection within the Admin Portal. An authenticated... Moderate Unreviewed
CVE-2022-41871 was published Apr 28, 2025
GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to execute... Moderate Unreviewed
CVE-2025-43920 was published Apr 20, 2025
A vulnerability, which was classified as critical, has been found in SourceCodester Web-based... Moderate Unreviewed
CVE-2025-3729 was published Apr 16, 2025
A command injection vulnerability in the Palo Alto Networks Cortex XDR® Broker VM allows an... Moderate Unreviewed
CVE-2025-0119 was published Apr 11, 2025
A vulnerability in the file creation process on the command line interface of AOS-8 Instant and... Moderate Unreviewed
CVE-2025-27079 was published Apr 8, 2025
A vulnerability in a system binary of AOS-8 Instant and AOS-10 AP could allow an authenticated... Moderate Unreviewed
CVE-2025-27078 was published Apr 8, 2025
An improper neutralization of special elements used in an OS command ('OS Command Injection')... Moderate Unreviewed
CVE-2024-54025 was published Apr 8, 2025
Stored Cross-Site Scripting (XSS) in DoWISP in versions prior to 1.16.2.50, which consists of an... Moderate Unreviewed
CVE-2025-3189 was published Apr 4, 2025
An OS Command Injection vulnerability exists in the Infinxt iEdge 100 2.1.32 Troubleshoot module,... Moderate Unreviewed
CVE-2025-26055 was published Apr 1, 2025
Drupal AI Vulnerable to OS Command Injection via Optional Automator Types Moderate
CVE-2025-31692 was published for drupal/ai (Composer) Apr 1, 2025
Drupal AI Vulnerable to OS Command Injection Moderate
CVE-2025-31693 was published for drupal/ai (Composer) Apr 1, 2025
A vulnerability, which was classified as critical, has been found in D-Link DIR-823X 240126... Moderate Unreviewed
CVE-2025-2717 was published Mar 25, 2025
Multiple improper neutralization of special elements used in an os command ('os command injection... Moderate Unreviewed
CVE-2024-32123 was published Mar 11, 2025
A vulnerability classified as critical has been found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316.... Moderate Unreviewed
CVE-2025-2095 was published Mar 8, 2025
A vulnerability classified as critical was found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. This... Moderate Unreviewed
CVE-2025-2096 was published Mar 8, 2025
A vulnerability was found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. It has been rated as... Moderate Unreviewed
CVE-2025-2094 was published Mar 8, 2025
A command injection vulnerability has been reported to affect several QNAP operating system... Moderate Unreviewed
CVE-2024-53692 was published Mar 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database