GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 21,250
Composer 4,350
Erlang 31
GitHub Actions 22
Go 2,119
Maven 5,292
npm 3,778
NuGet 680
pip 3,459
Pub 12
RubyGems 892
Rust 888
Swift 38

Unreviewed advisories

All unreviewed 243,754

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

860 advisories

Filter by severity

Sort by

Least recently updated

A command injection vulnerability in the web server of some Hikvision product. Due to the... Critical Unreviewed

CVE-2021-36260 was published May 24, 2022

The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG... Critical Unreviewed

CVE-2019-3929 was published May 24, 2022

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... Critical Unreviewed

CVE-2023-6260 was published Feb 20, 2024

IBM Security Verify Directory 10.0.0 through 10.0.3 could allow a remote authenticated attacker... Critical Unreviewed

CVE-2024-51450 was published Feb 6, 2025

Yealink Device Management (DM) 3.6.0.20 allows command injection as root via the /sm/api/v1... Critical Unreviewed

CVE-2021-27561 was published May 24, 2022

Realtek Jungle SDK version v2.x up to v3.4.14B provides a diagnostic tool called 'MP Daemon' that... Critical Unreviewed

CVE-2021-35394 was published May 24, 2022

Eclipse Target Management: Terminal and Remote System Explorer (RSE) version <= 4.5.400 has a... Critical Unreviewed

CVE-2024-0740 was published Apr 26, 2024

OpenPanel v0.3.4 was discovered to contain an OS command injection vulnerability via the timezone... Critical Unreviewed

CVE-2024-53584 was published Jan 31, 2025

Accellion FTA 9_12_370 and earlier is affected by OS command execution via a crafted POST request... Critical Unreviewed

CVE-2021-27104 was published May 24, 2022

Affected products contain a vulnerability in the device cloud rpc command handling process that... Critical Unreviewed

CVE-2025-0680 was published Jan 30, 2025

Metersphere v1.20.20-lts-79d354a6 is vulnerable to Remote Command Execution. The system command... Critical Unreviewed

CVE-2023-29944 was published May 8, 2023

A Remote Command Execution (RCE) vulnerability exists in all series H/W revisions D-link DIR-810L... Critical Unreviewed

CVE-2021-45382 was published Feb 18, 2022

mySCADA myPRO does not properly neutralize POST requests sent to a specific port with version... Critical Unreviewed

CVE-2025-20014 was published Jan 29, 2025

mySCADA myPRO does not properly neutralize POST requests sent to a specific port with email... Critical Unreviewed

CVE-2025-20061 was published Jan 29, 2025

SolarView Compact ver.6.00 was discovered to contain a command injection vulnerability via... Critical Unreviewed

CVE-2022-29303 was published May 13, 2022

D-Link DIR-820L 1.05B03 was discovered to contain a remote command execution (RCE) vulnerability... Critical Unreviewed

CVE-2022-26258 was published Mar 29, 2022

A Remote Code Execution Vulnerability exists in the product and version listed above. The... Critical Unreviewed

CVE-2025-24480 was published Jan 28, 2025

DLINK DIR-825 REVB 2.03 devices have an OS command injection vulnerability in the CGl interface... Critical Unreviewed

CVE-2024-57595 was published Jan 27, 2025

The functionality for synchronization in HGiga OAKlouds' certain moudules has an OS Command... Critical Unreviewed

CVE-2024-26260 was published Feb 15, 2024

Dell OS10 Networking Switches running 10.5.2.x and above contain an OS command injection... Critical Unreviewed

CVE-2023-32462 was published Feb 15, 2024

The '/common/download_agent_installer.php' script in the Quest KACE System Management Appliance 8... Critical Unreviewed

CVE-2018-11138 was published May 13, 2022

An issue was discovered on Dasan GPON home routers. Command Injection can occur via the dest_host... Critical Unreviewed

CVE-2018-10562 was published May 13, 2022

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... Critical Unreviewed

CVE-2024-13502 was published Jan 17, 2025

TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection... Critical Unreviewed

CVE-2024-57018 was published Jan 15, 2025

TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection... Critical Unreviewed

CVE-2024-57021 was published Jan 15, 2025

Previous 1 2 3 4 5 … 34 35 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

860 advisories