GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,596
Composer 4,840
Erlang 36
GitHub Actions 33
Go 2,464
Maven 5,878
npm 4,082
NuGet 723
pip 3,880
Pub 12
RubyGems 943
Rust 1,011
Swift 39

Unreviewed advisories

All unreviewed 266,882

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

3,888 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A remote unauthenticated attacker who has bypassed authentication could execute arbitrary OS... Critical Unreviewed

CVE-2025-3128 was published Aug 21, 2025

The StrongDM Windows service incorrectly handled input validation. Authenticated attackers could... High Unreviewed

CVE-2025-6181 was published Aug 20, 2025

The StrongDM macOS client incorrectly processed JSON-formatted messages. Attackers could... High Unreviewed

CVE-2025-6183 was published Aug 20, 2025

FreeNAS 0.7.2 prior to revision 5543 includes an unauthenticated command‐execution backdoor in... Critical Unreviewed

CVE-2010-20059 was published Aug 20, 2025

TOTOLINK A3002R v4.0.0-B20230531.1404 was discovered to contain multiple OS command injection... Moderate Unreviewed

CVE-2025-55589 was published Aug 18, 2025

Claude Code's Permissive Default Allowlist Enables Unauthorized File Read and Network Exfiltration in Claude Code High

CVE-2025-55284 was published for @anthropic-ai/claude-code (npm) Aug 18, 2025

A vulnerability in the CLI of Cisco Secure Firewall Management Center (FMC) Software and Cisco... Moderate Unreviewed

CVE-2025-20220 was published Aug 14, 2025

Improper Input Validation vulnerability in N-able N-central allows OS Command Injection.This... Critical Unreviewed

CVE-2025-8876 was published Aug 14, 2025

An issue was discovered on KuWFi GC111 devices (Hardware Version: CPE-LM321_V3.2, Software... Critical Unreviewed

CVE-2025-43984 was published Aug 14, 2025

Flowise OS command remote code execution Critical

CVE-2025-8943 was published for flowise (npm) Aug 14, 2025

Snort Report versions < 1.3.2 contains a remote command execution vulnerability in the nmap.php... Critical Unreviewed

CVE-2011-10017 was published Aug 13, 2025

Dolibarr ERP/CRM versions <= 3.1.1 and <= 3.2.0 contain a post-authenticated OS command injection... Critical Unreviewed

CVE-2012-10059 was published Aug 13, 2025

The /goform/formJsonAjaxReq POST endpoint of Shenzhen Tuoshi NR500-EA RG500UEAABxCOMSLICv3.4.2731... Moderate Unreviewed

CVE-2025-43989 was published Aug 13, 2025

NVIDIA WebDataset for all platforms contains a vulnerability where an attacker could execute... High Unreviewed

CVE-2025-23294 was published Aug 13, 2025

OliveTin OS Command Injection vulnerability High

CVE-2025-50946 was published for github.com/OliveTin/OliveTin (Go) Aug 13, 2025

An improper neutralization of special elements used in an OS Command ("OS Command Injection")... High Unreviewed

CVE-2025-49813 was published Aug 12, 2025

A improper neutralization of special elements used in an os command ('os command injection')... Moderate Unreviewed

CVE-2025-47857 was published Aug 12, 2025

An improper neutralization of special elements used in an OS command ('OS Command Injection')... Critical Unreviewed

CVE-2025-25256 was published Aug 12, 2025

An improper neutralization of special elements used in an OS command ('OS Command Injection')... Moderate Unreviewed

CVE-2025-27759 was published Aug 12, 2025

ZEN Load Balancer versions 2.0 and 3.0-rc1 contain a command injection vulnerability in content2... Critical Unreviewed

CVE-2012-10039 was published Aug 11, 2025

Openfiler v2.x contains a command injection vulnerability in the system.html page. The device... Critical Unreviewed

CVE-2012-10040 was published Aug 11, 2025

PhpTax version 0.8 contains a remote code execution vulnerability in drawimage.php. The pfilez... Critical Unreviewed

CVE-2012-10037 was published Aug 11, 2025

The E-Mail Security Virtual Appliance (ESVA) (tested on version ESVA_2057) contains an... Critical Unreviewed

CVE-2012-10046 was published Aug 8, 2025

WAN Emulator v2.3 contains two unauthenticated command execution vulnerabilities. The result.php... Critical Unreviewed

CVE-2012-10041 was published Aug 8, 2025

An unauthenticated remote command execution vulnerability exists in AjaXplorer (now known as... Critical Unreviewed

CVE-2010-10013 was published Aug 8, 2025

Previous 1 2 3 4 5 … 155 156 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,888 advisories