GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,347
Erlang: 31
GitHub Actions: 22
Go: 2,117
Maven: 5,000+
npm: 3,768
NuGet: 680
pip: 3,457
Pub: 12
RubyGems: 892
Rust: 888
Swift: 38
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,855 advisories
Command injection vulnerability exists in iControl REST and BIG-IP TMOS Shell (tmsh) save command...
High
Unreviewed
CVE-2025-20029 was published Feb 5, 2025
The goform/setUsbUnload endpoint of Tenda AC15 AC1900 version 15.03.05.19 allows remote attackers...
High
Unreviewed
CVE-2020-10987 was published May 24, 2022
Nagios XI before 5.6.6 allows remote command execution as root. The exploit requires access to...
High
Unreviewed
CVE-2019-15949 was published May 24, 2022
The login_mgr.cgi script in D-Link DNS-320 through 2.05.B10 is vulnerable to remote command...
High
Unreviewed
CVE-2019-16057 was published May 24, 2022
Netis WF2419 is vulnerable to authenticated Remote Code Execution (RCE) as root through the...
High
Unreviewed
CVE-2019-19356 was published May 24, 2022
VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector...
High
Unreviewed
CVE-2020-4006 was published May 24, 2022
An issue was discovered in PRTG Network Monitor before 18.2.39. An attacker who has access to the...
High
Unreviewed
CVE-2018-9276 was published May 13, 2022
Dell RecoverPoint for Virtual Machines 6.0.x contains an OS Command injection vulnerability. A...
High
Unreviewed
CVE-2024-22461 was published Dec 13, 2024
The end-of-life Netgear FVS336Gv2 and FVS336Gv3 are affected by a command injection vulnerability...
High
Unreviewed
CVE-2024-23690 was published Feb 4, 2025
**UNSUPPORTED WHEN ASSIGNED** A post-authentication command injection vulnerability in the...
High
Unreviewed
CVE-2024-40891 was published Feb 4, 2025
**UNSUPPORTED WHEN ASSIGNED** A post-authentication command injection vulnerability in the CGI...
High
Unreviewed
CVE-2024-40890 was published Feb 4, 2025
Accellion FTA 9_12_411 and earlier is affected by OS command execution via a local web service...
High
Unreviewed
CVE-2021-27102 was published May 24, 2022
The Unlimited Elements For Elementor (Free Widgets, Addons, Templates) plugin for WordPress is...
High
Unreviewed
CVE-2024-2662 was published May 14, 2024
SAP NetWeaver (Visual Composer 7.0 RT) versions - 7.30, 7.31, 7.40, 7.50, without restriction, an...
High
Unreviewed
CVE-2021-38163 was published May 24, 2022
Multiple API endpoints in Atlassian Bitbucket Server and Data Center 7.0.0 before version 7.6.17,...
High
Unreviewed
CVE-2022-36804 was published Aug 26, 2022
Zoho ManageEngine ADSelfService Plus before 6122 allows an authenticated user to achieve remote...
High
Unreviewed
CVE-2022-28810 was published Apr 19, 2022
A vulnerability in the IBM TS7700 Management Interface 8.51.2.12, 8.52.200.111, 8.52.102.13, and...
High
Unreviewed
CVE-2023-24958 was published May 4, 2023
VMware NSX SD-WAN Edge by VeloCloud prior to version 3.1.0 contains a command injection...
High
Unreviewed
CVE-2018-6961 was published May 13, 2022
Dell vApp Manager, versions prior to 9.2.4.9 contain a Command Injection Vulnerability. An...
High
Unreviewed
CVE-2024-25955 was published Mar 28, 2024
setSystemCommand on D-Link DCS-930L devices before 2.12 allows a remote attacker to execute code...
High
Unreviewed
CVE-2016-11021 was published May 24, 2022
Dell vApp Manager, versions prior to 9.2.4.9 contain a Command Injection Vulnerability. An...
High
Unreviewed
CVE-2024-25946 was published Mar 28, 2024
Dell RecoverPoint for Virtual Machines 5.3.x contains an OS Command injection vulnerability. An...
High
Unreviewed
CVE-2024-22426 was published Feb 16, 2024
A command injection vulnerability was discovered on the Zyxel EMG2926 home router with firmware...
High
Unreviewed
CVE-2017-6884 was published May 17, 2022
Linksys E8450 v1.2.00.360516 was discovered to contain a command injection vulnerability via the...
High
Unreviewed
CVE-2024-57542 was published Jan 21, 2025
Improper neutralization of special elements used in an OS command ('OS Command Injection') issue...
High
Unreviewed
CVE-2025-20617 was published Jan 22, 2025
ProTip! Advisories are also available from the GraphQL API.