Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,350
Erlang
31
GitHub Actions
22
Go
2,119
Maven
5,000+
npm
3,778
NuGet
680
pip
3,459
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

977 advisories

Loading
When running in Appliance mode, an authenticated remote command injection vulnerability exists in... High Unreviewed
CVE-2025-23239 was published Feb 5, 2025
This vulnerability allows network-adjacent attackers to execute arbitrary code on affected... High Unreviewed
CVE-2024-23971 was published Jan 31, 2025
A privacy issue was addressed with improved handling of files. This issue is fixed in macOS... High Unreviewed
CVE-2025-24150 was published Jan 28, 2025
Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06 suffers from Command Injection issues in ... High Unreviewed
CVE-2024-48419 was published Jan 27, 2025
A code injection vulnerability exists in the Ambari Alert Definition feature, allowing... High Unreviewed
CVE-2025-23196 was published Jan 22, 2025
Linksys E8450 v1.2.00.360516 was discovered to contain a command injection vulnerability via... High Unreviewed
CVE-2024-57536 was published Jan 21, 2025
Linksys E8450 v1.2.00.360516 was discovered to contain a command injection vulnerability via... High Unreviewed
CVE-2024-57539 was published Jan 21, 2025
TOTOLINK A810R V4.1.2cu.5032_B20200407 was found to contain a command insertion vulnerability in... High Unreviewed
CVE-2024-57036 was published Jan 21, 2025
A JNDI injection issue was discovered in Cloudera JDBC Connector for Hive before 2.6.26 and JDBC... High Unreviewed
CVE-2024-54660 was published Jan 17, 2025
Authenticated command injection vulnerability in the command line interface of a network... High Unreviewed
CVE-2025-23052 was published Jan 14, 2025
Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the... High Unreviewed
CVE-2024-57226 was published Jan 10, 2025
TOTOLINK A6000R V1.0.1-B20201211.2000 was discovered to contain a command injection vulnerability... High Unreviewed
CVE-2024-57211 was published Jan 10, 2025
Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the... High Unreviewed
CVE-2024-57227 was published Jan 10, 2025
Linksys E7350 1.1.00.032 was discovered to contain a command injection vulnerability via the... High Unreviewed
CVE-2024-57228 was published Jan 10, 2025
Due to the improper handling of batch files in child_process.spawn / child_process.spawnSync, a... High Unreviewed
CVE-2024-27980 was published Jan 9, 2025
Command Injection in Minidlna version v1.3.3 and before allows an attacker to execute arbitrary... High Unreviewed
CVE-2024-51442 was published Jan 8, 2025
Multiple command injection vulnerabilities exist in the web interface of the 501 Wireless Client... High Unreviewed
CVE-2024-54007 was published Jan 7, 2025
Multiple command injection vulnerabilities exist in the web interface of the 501 Wireless Client... High Unreviewed
CVE-2024-54006 was published Jan 7, 2025
A vulnerability was found in Roxy-WI up to 8.1.3. It has been declared as critical. Affected by... High Unreviewed
CVE-2024-13129 was published Jan 4, 2025
An unintended entry point vulnerability has been identified in certain router models, which may... High Unreviewed
CVE-2024-13062 was published Jan 2, 2025
A command injection is possible through the user interface, allowing arbitrary command execution... High Unreviewed
CVE-2020-13712 was published Dec 21, 2024
In a specific scenario a LDAP user can abuse the authentication process in OpenText Privileged... High Unreviewed
CVE-2024-12111 was published Dec 19, 2024
In ThreatQuotient ThreatQ before 5.29.3, authenticated users are able to execute arbitrary... High Unreviewed
CVE-2024-39703 was published Dec 18, 2024
An issue was discovered in Logpoint before 7.5.0. Authenticated users can inject payloads in... High Unreviewed
CVE-2024-56086 was published Dec 16, 2024
An issue was discovered in Logpoint UniversalNormalizer before 5.7.0. Authenticated users can... High Unreviewed
CVE-2024-56084 was published Dec 16, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database