Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,529 advisories

Loading
A privacy issue was addressed with improved handling of files. This issue is fixed in macOS... High Unreviewed
CVE-2025-24150 was published Jan 28, 2025
Network access can be used to execute arbitrary code with elevated privileges. This issue... Critical Unreviewed
CVE-2024-48841 was published Jan 27, 2025
Edimax AC1200 Wi-Fi 5 Dual-Band Router BR-6476AC 1.06 suffers from Command Injection issues in ... High Unreviewed
CVE-2024-48419 was published Jan 27, 2025
TRENDnet TEW-632BRP v1.010B31 devices have an OS command injection vulnerability in the CGl... Critical Unreviewed
CVE-2024-57590 was published Jan 27, 2025
ECOVACS robot lawnmowers and vacuums are vulnerable to command injection via SetNetPin() over an... Moderate Unreviewed
CVE-2024-52325 was published Jan 23, 2025
A code injection vulnerability exists in the Ambari Alert Definition feature, allowing... High Unreviewed
CVE-2025-23196 was published Jan 22, 2025
A remote code injection vulnerability exists in the Ambari Metrics and AMS Alerts feature,... High Unreviewed
CVE-2024-51941 was published Jan 22, 2025
Linksys E8450 v1.2.00.360516 was discovered to contain a command injection vulnerability via... High Unreviewed
CVE-2024-57536 was published Jan 21, 2025
Linksys E8450 v1.2.00.360516 was discovered to contain a command injection vulnerability via... High Unreviewed
CVE-2024-57539 was published Jan 21, 2025
The script input feature of SpagoBI 3.5.1 allows arbitrary code execution. Critical Unreviewed
CVE-2024-54794 was published Jan 21, 2025
TOTOLINK A810R V4.1.2cu.5032_B20200407 was found to contain a command insertion vulnerability in... High Unreviewed
CVE-2024-57036 was published Jan 21, 2025
IBM Sterling Secure Proxy 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, 6.1.0.0, and 6.2.0.0 could allow a... Critical Unreviewed
CVE-2024-41783 was published Jan 19, 2025
Multiple bash files were present in the application's private directory. Bash files can be used... Low Unreviewed
CVE-2024-54681 was published Jan 17, 2025
A JNDI injection issue was discovered in Cloudera JDBC Connector for Hive before 2.6.26 and JDBC... High Unreviewed
CVE-2024-54660 was published Jan 17, 2025
Tenda AC18 V15.03.05.19 was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2024-57583 was published Jan 16, 2025
RE11S v1.11 was discovered to contain a command injection vulnerability via the component /goform... Critical Unreviewed
CVE-2025-22912 was published Jan 16, 2025
Authenticated command injection vulnerability in the command line interface of a network... High Unreviewed
CVE-2025-23052 was published Jan 14, 2025
Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing()... Critical Unreviewed
CVE-2024-39765 was published Jan 14, 2025
Multiple OS command injection vulnerabilities exist in the login.cgi set_sys_init() functionality... Critical Unreviewed
CVE-2024-39760 was published Jan 14, 2025
Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing()... Critical Unreviewed
CVE-2024-39764 was published Jan 14, 2025
Multiple OS command injection vulnerabilities exist in the login.cgi set_sys_init() functionality... Critical Unreviewed
CVE-2024-39761 was published Jan 14, 2025
Multiple OS command injection vulnerabilities exist in the adm.cgi sch_reboot() functionality of... Critical Unreviewed
CVE-2024-39781 was published Jan 14, 2025
Multiple OS command injection vulnerabilities exist in the adm.cgi sch_reboot() functionality of... Critical Unreviewed
CVE-2024-39782 was published Jan 14, 2025
Multiple OS command injection vulnerabilities exist in the internet.cgi set_add_routing()... Critical Unreviewed
CVE-2024-39762 was published Jan 14, 2025
Multiple OS command injection vulnerabilities exist in the adm.cgi sch_reboot() functionality of... Critical Unreviewed
CVE-2024-39783 was published Jan 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database