GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,835
Composer 4,870
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,926
npm 4,126
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,021
Swift 39

Unreviewed advisories

All unreviewed 269,219

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

901 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The Evertz SDVN 3080ipx-10G is a High Bandwidth Ethernet Switching Fabric for Video Application.... Critical Unreviewed

CVE-2025-10364 was published Sep 12, 2025

A command injection vulnerability in FTP-Flask-python through 5173b68 allows unauthenticated... Critical Unreviewed

CVE-2025-57633 was published Sep 9, 2025

In RaspAP raspap-webgui 3.3.2 and earlier, a command injection vulnerability exists in the... Critical Unreviewed

CVE-2025-50428 was published Aug 27, 2025

Insecure Permissions vulnerability in sparkshop v.1.1.7 allows a remote attacker to execute... Critical Unreviewed

CVE-2025-50722 was published Aug 26, 2025

The DI-7400G+ router has a command injection vulnerability, which allows attackers to execute... Critical Unreviewed

CVE-2025-57105 was published Aug 22, 2025

Multiple Improper Input Validation vulnerabilities in UniFi Connect EV Station Lite may allow a... Critical Unreviewed

CVE-2025-24285 was published Aug 21, 2025

TOTOLINK-A3002R v4.0.0-B20230531.1404 was discovered to contain a command injection vulnerability... Critical Unreviewed

CVE-2025-55591 was published Aug 18, 2025

An issue in Intelbras RX1500 v2.2.9 and RX3000 v1.0.11 allows unauthenticated attackers to... Critical Unreviewed

CVE-2025-26063 was published Jul 31, 2025

Totolink A3300R V17.0.0cu.596_B20250515 was found to contain a command injection vulnerability in... Critical Unreviewed

CVE-2025-52046 was published Jul 17, 2025

Successful exploitation of the vulnerability could allow an attacker to inject commands with root... Critical Unreviewed

CVE-2025-52688 was published Jul 16, 2025

Vulnerabilities* in ActADUR local server product, developed and maintained by ProTNS, allows... Critical Unreviewed

CVE-2025-3621 was published Jul 15, 2025

Wavlink WN535K3 20191010 was found to contain a command injection vulnerability in the... Critical Unreviewed

CVE-2025-50756 was published Jul 14, 2025

An issue D-Link DIR-816-A2 DIR-816A2_FWv1.10CNB05_R1B011D88210 allows a remote attacker to... Critical Unreviewed

CVE-2025-45931 was published Jun 30, 2025

Blink routers BL-WR9000 V2.4.9 , BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 v1.0.5 , BL-LTE300 v1.2.3, BL... Critical Unreviewed

CVE-2025-45988 was published Jun 13, 2025

Blink routers BL-WR9000 V2.4.9 , BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 v1.0.5 , BL-LTE300 v1.2.3, BL... Critical Unreviewed

CVE-2025-45987 was published Jun 13, 2025

Blink routers BL-WR9000 V2.4.9 , BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 v1.0.5 , BL-LTE300 v1.2.3, BL... Critical Unreviewed

CVE-2025-45986 was published Jun 13, 2025

Blink routers BL-WR9000 V2.4.9, BL-AC1900 V1.0.2, BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 V1.0.5, BL... Critical Unreviewed

CVE-2025-45984 was published Jun 13, 2025

Blink routers BL-WR9000 V2.4.9 , BL-AC2100_AZ3 V1.0.4, BL-X10_AC8 v1.0.5 , BL-LTE300 v1.2.3, BL... Critical Unreviewed

CVE-2025-45985 was published Jun 13, 2025

Ai command injection in M365 Copilot allows an unauthorized attacker to disclose information over... Critical Unreviewed

CVE-2025-32711 was published Jun 11, 2025

The Evertz SVDN 3080ipx-10G is a High Bandwidth Ethernet Switching Fabric for Video Application.... Critical Unreviewed

CVE-2025-4009 was published May 28, 2025

The Meteobridge web interface let meteobridge administrator manage their weather station data... Critical Unreviewed

CVE-2025-4008 was published May 21, 2025

D-link DI-8100 16.07.26A1 is vulnerable to Command Injection. An attacker can exploit this... Critical Unreviewed

CVE-2025-44084 was published May 20, 2025

Jan v0.5.14 and before is vulnerable to remote code execution (RCE) when the user clicks on a... Critical Unreviewed

CVE-2025-29509 was published May 9, 2025

EnerSys AMPA versions 24.04 through 24.16, inclusive, are vulnerable to command injection leading... Critical Unreviewed

CVE-2024-12442 was published May 9, 2025

EnerSys AMPA 22.09 and prior versions are vulnerable to command injection leading to privileged... Critical Unreviewed

CVE-2024-11861 was published May 9, 2025

Previous1…37 Next

Previous 1 2 3 4 5 … 36 37 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

901 advisories