Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

2,889 advisories

Loading
Wavlink WN535K3 20191010 was found to contain a command injection vulnerability in the... Critical Unreviewed
CVE-2025-50756 was published Jul 14, 2025
A vulnerability classified as critical has been found in D-Link DIR-818LW up to 20191215. This... Moderate Unreviewed
CVE-2025-7553 was published Jul 14, 2025
A vulnerability, which was classified as critical, has been found in Comodo Internet Security... High Unreviewed
CVE-2025-7097 was published Jul 7, 2025
Totolink A3300R V17.0.0cu.596_B20250515 was found to contain a command injection vulnerability in... Critical Unreviewed
CVE-2025-52046 was published Jul 17, 2025
@translated/lara-mcp vulnerable to command injection in import_tmx tool High
CVE-2025-53832 was published for @translated/lara-mcp (npm) Jul 21, 2025
dellalibera
An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139... Moderate Unreviewed
CVE-2025-46122 was published Jul 21, 2025
Code Injection in AgentTemplate.eval_agent_config in TransformerOptimus SuperAGI 0.0.14 allows... Moderate Unreviewed
CVE-2025-51472 was published Jul 22, 2025
File Upload vulnerability in agent.hub.controller.refresh_plugins in eosphoros-ai DB-GPT 0.7.0... Moderate Unreviewed
CVE-2025-51459 was published Jul 22, 2025
Command Injection vulnerability in NEC Corporation UNIVERGE IX from Ver9.2 to Ver10.10.21, for... High Unreviewed
CVE-2024-11013 was published Nov 29, 2024
Mingyu Security Gateway before v3.0-5.3p was discovered to contain a remote command execution ... High Unreviewed
CVE-2023-47356 was published Jul 17, 2025
Buffer overflow in an ActiveX control in MDraw30.ocx in Schneider Electric ProClima before 6.1.7... High Unreviewed
CVE-2014-9188 was published May 17, 2022
An issue in Gardyn 4 allows a remote attacker to obtain sensitive information and execute... High Unreviewed
CVE-2025-29628 was published Jul 25, 2025
IBM Sterling Secure Proxy 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, 6.1.0.0, and 6.2.0.0 could allow a... Critical Unreviewed
CVE-2024-41783 was published Jan 19, 2025
tj-actions/branch-names has a Command Injection Vulnerability Critical
CVE-2025-54416 was published for tj-actions/branch-names (GitHub Actions) Jul 25, 2025
tutasla
A vulnerability was found in TOTOLINK X15 1.0.0-B20230714.1105. It has been classified as... High Unreviewed
CVE-2025-8244 was published Jul 28, 2025
Totolink X6000R V9.4.0cu.1360_B20241207 was found to contain a command injection vulnerability in... Moderate Unreviewed
CVE-2025-52284 was published Jul 29, 2025
A command injection vulnerability exists in the /check_image_and_trigger_recovery API endpoint of... Critical Unreviewed
CVE-2024-13871 was published Mar 12, 2025
A vulnerability, which was classified as critical, was found in D-Link DNS-320L, DNS-325, DNS... High Unreviewed
CVE-2024-3273 was published Apr 4, 2024
An issue in Aver PTC310UV2 firmware v.0.1.0000.59 allows a remote attacker to execute arbitrary... Moderate Unreviewed
CVE-2025-45619 was published Jul 30, 2025
A PHAR deserialization vulnerability in the _getHeaders function of PrestaShop v8.2.0 allows... Moderate Unreviewed
CVE-2025-25692 was published Jul 30, 2025
A PHAR deserialization vulnerability in the component /themes/import of PrestaShop v8.2.0 allows... Moderate Unreviewed
CVE-2025-25691 was published Jul 30, 2025
A vulnerability, which was classified as critical, was found in Vaelsys 4.1.0. This affects the... Moderate Unreviewed
CVE-2025-8259 was published Jul 28, 2025
An issue in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows unauthenticated attackers to... Critical Unreviewed
CVE-2025-26063 was published Jul 31, 2025
@nestjs/devtools-integration: CSRF to Sandbox Escape Allows for RCE against JS Developers Critical
CVE-2025-54782 was published for @nestjs/devtools-integration (npm) Aug 1, 2025
JLLeitschuh
Ai command injection in M365 Copilot allows an unauthorized attacker to disclose information over... Critical Unreviewed
CVE-2025-32711 was published Jun 11, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database