Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,856
Erlang
36
GitHub Actions
36
Go
2,488
Maven
5,000+
npm
4,104
NuGet
735
pip
3,923
Pub
12
RubyGems
945
Rust
1,017
Swift
39
Unreviewed advisories
All unreviewed
5,000+

3,907 advisories

Loading
Improper Input Validation vulnerability in N-able N-central allows OS Command Injection.This... Critical Unreviewed
CVE-2025-8876 was published Aug 14, 2025
An issue was discovered on KuWFi GC111 devices (Hardware Version: CPE-LM321_V3.2, Software... Critical Unreviewed
CVE-2025-43984 was published Aug 14, 2025
Flowise OS command remote code execution Critical
CVE-2025-8943 was published for flowise (npm) Aug 14, 2025
Snort Report versions < 1.3.2 contains a remote command execution vulnerability in the nmap.php... Critical Unreviewed
CVE-2011-10017 was published Aug 13, 2025
Dolibarr ERP/CRM versions <= 3.1.1 and <= 3.2.0 contain a post-authenticated OS command injection... Critical Unreviewed
CVE-2012-10059 was published Aug 13, 2025
The /goform/formJsonAjaxReq POST endpoint of Shenzhen Tuoshi NR500-EA RG500UEAABxCOMSLICv3.4.2731... Moderate Unreviewed
CVE-2025-43989 was published Aug 13, 2025
NVIDIA WebDataset for all platforms contains a vulnerability where an attacker could execute... High Unreviewed
CVE-2025-23294 was published Aug 13, 2025
OliveTin OS Command Injection vulnerability High
CVE-2025-50946 was published for github.com/OliveTin/OliveTin (Go) Aug 13, 2025
An improper neutralization of special elements used in an OS Command ("OS Command Injection")... High Unreviewed
CVE-2025-49813 was published Aug 12, 2025
A improper neutralization of special elements used in an os command ('os command injection')... Moderate Unreviewed
CVE-2025-47857 was published Aug 12, 2025
An improper neutralization of special elements used in an OS command ('OS Command Injection')... Critical Unreviewed
CVE-2025-25256 was published Aug 12, 2025
An improper neutralization of special elements used in an OS command ('OS Command Injection')... Moderate Unreviewed
CVE-2025-27759 was published Aug 12, 2025
ZEN Load Balancer versions 2.0 and 3.0-rc1 contain a command injection vulnerability in content2... Critical Unreviewed
CVE-2012-10039 was published Aug 11, 2025
Openfiler v2.x contains a command injection vulnerability in the system.html page. The device... Critical Unreviewed
CVE-2012-10040 was published Aug 11, 2025
PhpTax version 0.8 contains a remote code execution vulnerability in drawimage.php. The pfilez... Critical Unreviewed
CVE-2012-10037 was published Aug 11, 2025
The E-Mail Security Virtual Appliance (ESVA) (tested on version ESVA_2057) contains an... Critical Unreviewed
CVE-2012-10046 was published Aug 8, 2025
An unauthenticated remote command execution vulnerability exists in AjaXplorer (now known as... Critical Unreviewed
CVE-2010-10013 was published Aug 8, 2025
WAN Emulator v2.3 contains two unauthenticated command execution vulnerabilities. The result.php... Critical Unreviewed
CVE-2012-10041 was published Aug 8, 2025
MiR software versions prior to version 3.0.0 are affected by a command injection vulnerability. A... High Unreviewed
CVE-2025-8748 was published Aug 8, 2025
Powered BLUE 870 versions 0.20130927 and prior contain an OS command injection vulnerability. If... Moderate Unreviewed
CVE-2025-54958 was published Aug 8, 2025
An unauthenticated OS command injection vulnerability exists in the Shenzhen Aitemi M300 Wi-Fi... Critical Unreviewed
CVE-2025-34152 was published Aug 7, 2025
A command injection vulnerability exists in the 'passwd' parameter of the PPPoE setup process on... Critical Unreviewed
CVE-2025-34151 was published Aug 7, 2025
The PPPoE configuration interface of the Shenzhen Aitemi M300 Wi-Fi Repeater (hardware model MT02... Critical Unreviewed
CVE-2025-34150 was published Aug 7, 2025
A command injection vulnerability affects the Shenzhen Aitemi M300 Wi-Fi Repeater (hardware model... Critical Unreviewed
CVE-2025-34149 was published Aug 7, 2025
An unauthenticated OS command injection vulnerability exists in the Shenzhen Aitemi M300 Wi-Fi... Critical Unreviewed
CVE-2025-34148 was published Aug 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database