Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,373
Erlang
33
GitHub Actions
22
Go
2,135
Maven
5,000+
npm
3,797
NuGet
687
pip
3,478
Pub
12
RubyGems
896
Rust
897
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

866 advisories

Loading
An OS command injection vulnerability exists in Vinci Protocol Analyzer that could allow an... Critical Unreviewed
CVE-2025-1265 was published Feb 20, 2025
Improper neutralization of special elements used in an OS command ('OS Command Injection') issue... Critical Unreviewed
CVE-2021-46686 was published Feb 18, 2025
mySCADA myPRO Manager is vulnerable to an OS command injection which could allow a remote... Critical Unreviewed
CVE-2025-25067 was published Feb 14, 2025
OS command injection in the admin web console of Ivanti CSA before version 5.0.5 allows a remote... Critical Unreviewed
CVE-2024-47908 was published Feb 11, 2025
IBM Security Verify Directory 10.0.0 through 10.0.3 could allow a remote authenticated attacker... Critical Unreviewed
CVE-2024-51450 was published Feb 6, 2025
OpenPanel v0.3.4 was discovered to contain an OS command injection vulnerability via the timezone... Critical Unreviewed
CVE-2024-53584 was published Jan 31, 2025
Affected products contain a vulnerability in the device cloud rpc command handling process that... Critical Unreviewed
CVE-2025-0680 was published Jan 30, 2025
mySCADA myPRO does not properly neutralize POST requests sent to a specific port with version... Critical Unreviewed
CVE-2025-20014 was published Jan 29, 2025
mySCADA myPRO does not properly neutralize POST requests sent to a specific port with email... Critical Unreviewed
CVE-2025-20061 was published Jan 29, 2025
A Remote Code Execution Vulnerability exists in the product and version listed above. The... Critical Unreviewed
CVE-2025-24480 was published Jan 28, 2025
DLINK DIR-825 REVB 2.03 devices have an OS command injection vulnerability in the CGl interface... Critical Unreviewed
CVE-2024-57595 was published Jan 27, 2025
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... Critical Unreviewed
CVE-2024-13502 was published Jan 17, 2025
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection... Critical Unreviewed
CVE-2024-57014 was published Jan 15, 2025
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection... Critical Unreviewed
CVE-2024-57016 was published Jan 15, 2025
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection... Critical Unreviewed
CVE-2024-57019 was published Jan 15, 2025
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection... Critical Unreviewed
CVE-2024-57015 was published Jan 15, 2025
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection... Critical Unreviewed
CVE-2024-57020 was published Jan 15, 2025
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection... Critical Unreviewed
CVE-2024-57022 was published Jan 15, 2025
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection... Critical Unreviewed
CVE-2024-57017 was published Jan 15, 2025
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection... Critical Unreviewed
CVE-2024-57018 was published Jan 15, 2025
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection... Critical Unreviewed
CVE-2024-57021 was published Jan 15, 2025
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection... Critical Unreviewed
CVE-2024-57011 was published Jan 15, 2025
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection... Critical Unreviewed
CVE-2024-57012 was published Jan 15, 2025
TOTOLINK X5000R V9.1.0cu.2350_B20230313 was discovered to contain an OS command injection... Critical Unreviewed
CVE-2024-57013 was published Jan 15, 2025
OS command injection vulnerability exists in network storage servers STEALTHONE D220/D340... Critical Unreviewed
CVE-2025-20055 was published Jan 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database