Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,869
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,119
NuGet
735
pip
3,941
Pub
12
RubyGems
945
Rust
1,018
Swift
39
Unreviewed advisories
All unreviewed
5,000+

137,116 advisories

Loading
TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in... Moderate Unreviewed
CVE-2025-44841 was published May 1, 2025
TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in... Moderate Unreviewed
CVE-2025-44844 was published May 1, 2025
TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in... Moderate Unreviewed
CVE-2025-44842 was published May 1, 2025
Due to insufficient escaping of the special characters in the "copy as cURL" feature, an attacker... Moderate Unreviewed
CVE-2025-4084 was published Apr 29, 2025
Modification of specific WebGL shader attributes could trigger an out-of-bounds read, which, when... Moderate Unreviewed
CVE-2025-4082 was published Apr 29, 2025
An Improper Validation of Syntactic Correctness of Input vulnerability in Routing Protocol Daemon... Moderate Unreviewed
CVE-2023-44204 was published Oct 13, 2023
A vulnerability has been found in PHPGurukul Online Birth Certificate System 1.0 and classified... Moderate Unreviewed
CVE-2025-4213 was published May 2, 2025
An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c.... Moderate Unreviewed
CVE-2022-3821 was published Nov 9, 2022
Vite's server.fs.deny bypassed with /. for files under project root Moderate
CVE-2025-46565 was published for vite (npm) Apr 30, 2025
chienhm
TOTOLINK CPE CP900 V6.3c.1144_B20190715 was discovered to contain a command injection... Moderate Unreviewed
CVE-2025-44838 was published May 1, 2025
TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in... Moderate Unreviewed
CVE-2025-44847 was published May 1, 2025
The SULly WordPress plugin before 4.3.1 does not have CSRF check in some places, and is missing... Moderate Unreviewed
CVE-2024-5033 was published Jul 13, 2024
A vulnerability, which was classified as critical, was found in AlanBinu007 Spring-Boot-Advanced... Moderate Unreviewed
CVE-2025-4175 was published May 2, 2025
TOTOLINK CA300-POE V6.2c.884_B20180522 was found to contain a command injection vulnerability in... Moderate Unreviewed
CVE-2025-44862 was published May 2, 2025
Tenda W20E V15.11.0.6 was found to contain a command injection vulnerability in the... Moderate Unreviewed
CVE-2025-44866 was published May 2, 2025
Incorrect privilege assignment in PAM JIT elevation feature in Devolutions Server 2025.1.5.0 and... Moderate Unreviewed
CVE-2025-3517 was published May 2, 2025
Improper access controls in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an... Moderate Unreviewed
CVE-2025-46631 was published May 2, 2025
Tenda W20E V15.11.0.6 was found to contain a command injection vulnerability in the... Moderate Unreviewed
CVE-2025-44867 was published May 2, 2025
Initialization vector (IV) reuse in the web management portal of the Tenda RX2 Pro 16.03.30.14... Moderate Unreviewed
CVE-2025-46632 was published May 2, 2025
Improper access controls in the web management portal of the Tenda RX2 Pro 16.03.30.14 allows an... Moderate Unreviewed
CVE-2025-46630 was published May 2, 2025
KUNBUS PiCtory version 2.11.1 and earlier are vulnerable to a cross-site-scripting attack via the... Moderate Unreviewed
CVE-2025-36558 was published May 2, 2025
Tenda W20E V15.11.0.6 was found to contain a command injection vulnerability in the... Moderate Unreviewed
CVE-2025-44864 was published May 2, 2025
Tenda W20E V15.11.0.6 was found to contain a command injection vulnerability in the... Moderate Unreviewed
CVE-2025-44865 was published May 2, 2025
TOTOLINK CA300-POE V6.2c.884_B20180522 was found to contain a command injection vulnerability in... Moderate Unreviewed
CVE-2025-44861 was published May 2, 2025
An issue was discovered on goTenna v1 devices with app 5.5.3 and firmware 0.25.5. All packets... Moderate Unreviewed
CVE-2025-32886 was published May 2, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database