GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
3,069 advisories
A command injection vulnerability in the web server of some Hikvision product. Due to the...
Critical | Unreviewed | CVE-2021-36260 was published May 24, 2022

The Crestron AM-100 firmware 1.6.0.2, Crestron AM-101 firmware 2.7.0.1, Barco wePresent WiPG...
Critical | Unreviewed | CVE-2019-3929 was published May 24, 2022

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')...
Critical | Unreviewed | CVE-2023-6260 was published Feb 20, 2024

IBM Security Verify Directory 10.0.0 through 10.0.3 could allow a remote authenticated attacker...
Critical | Unreviewed | CVE-2024-51450 was published Feb 6, 2025

Command injection vulnerability exists in iControl REST and BIG-IP TMOS Shell (tmsh) save command...
High | Unreviewed | CVE-2025-20029 was published Feb 5, 2025

Pi-hole Web v4.3.2 (aka AdminLTE) allows Remote Code Execution by privileged dashboard users via...
Moderate | Unreviewed | CVE-2020-8816 was published May 24, 2022

The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers...
High | Unreviewed | CVE-2020-10987 was published May 24, 2022

Nagios XI before 5.6.6 allows remote command execution as root. The exploit requires access to...
High | Unreviewed | CVE-2019-15949 was published May 24, 2022

The login_mgr.cgi script in D-Link DNS-320 through 2.05.B10 is vulnerable to remote command...
High | Unreviewed | CVE-2019-16057 was published May 24, 2022

Yealink Device Management (DM) 3.6.0.20 allows command injection as root via the /sm/api/v1...
Critical | Unreviewed | CVE-2021-27561 was published May 24, 2022

Realtek Jungle SDK version v2.x up to v3.4.14B provides a diagnostic tool called 'MP Daemon' that...
Critical | Unreviewed | CVE-2021-35394 was published May 24, 2022

Netis WF2419 is vulnerable to authenticated Remote Code Execution (RCE) as root through the...
High | Unreviewed | CVE-2019-19356 was published May 24, 2022

Dell RecoverPoint for Virtual Machines 6.0.x contains an OS Command Injection vulnerability. An...
Moderate | Unreviewed | CVE-2024-48008 was published Dec 13, 2024

VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector...
High | Unreviewed | CVE-2020-4006 was published May 24, 2022

An issue was discovered in PRTG Network Monitor before 18.2.39. An attacker who has access to the...
High | Unreviewed | CVE-2018-9276 was published May 13, 2022

Dell RecoverPoint for Virtual Machines 6.0.x contains an OS Command injection vulnerability. A...
High | Unreviewed | CVE-2024-22461 was published Dec 13, 2024

The end-of-life Netgear FVS336Gv2 and FVS336Gv3 are affected by a command injection vulnerability...
High | Unreviewed | CVE-2024-23690 was published Feb 4, 2025

**UNSUPPORTED WHEN ASSIGNED** A post-authentication command injection vulnerability in the...
High | Unreviewed | CVE-2024-40891 was published Feb 4, 2025

**UNSUPPORTED WHEN ASSIGNED** A post-authentication command injection vulnerability in the CGI...
High | Unreviewed | CVE-2024-40890 was published Feb 4, 2025

Eclipse Target Management: Terminal and Remote System Explorer (RSE) version <= 4.5.400 has a...
Critical | Unreviewed | CVE-2024-0740 was published Apr 26, 2024

OpenPanel v0.3.4 was discovered to contain an OS command injection vulnerability via the timezone...
Critical | Unreviewed | CVE-2024-53584 was published Jan 31, 2025

Accellion FTA 9_12_411 and earlier is affected by OS command execution via a local web service...
High | Unreviewed | CVE-2021-27102 was published May 24, 2022

Accellion FTA 9_12_370 and earlier is affected by OS command execution via a crafted POST request...
Critical | Unreviewed | CVE-2021-27104 was published May 24, 2022

Affected products contain a vulnerability in the device cloud rpc command handling process that...
Critical | Unreviewed | CVE-2025-0680 was published Jan 30, 2025

The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin for WordPress is...
High | Unreviewed | CVE-2024-2662 was published May 14, 2024