Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,969
Erlang
39
GitHub Actions
38
Go
2,620
Maven
5,000+
npm
4,255
NuGet
760
pip
4,043
Pub
12
RubyGems
953
Rust
1,050
Swift
45
Unreviewed advisories
All unreviewed
5,000+

2,988 advisories

Loading
A vulnerability was determined in D-Link DIR-852 1.00CN B09. This issue affects the function... Moderate Unreviewed
CVE-2025-10629 was published Sep 18, 2025
A vulnerability was found in D-Link DIR-852 1.00CN B09. This vulnerability affects unknown code... Moderate Unreviewed
CVE-2025-10628 was published Sep 18, 2025
@sequa-ai/sequa-mcp has Command Injection vulnerability Moderate
CVE-2025-10619 was published for @sequa-ai/sequa-mcp (npm) Sep 17, 2025
cai0duque
Credited to cai0duque
In JetBrains Junie before 252.284.66, 251.284.66, 243.284.66, 252.284.61, 251.284.61, 243.284.61,... High Unreviewed
CVE-2025-59458 was published Sep 17, 2025
Edimax BR-6473AX v1.0.28 was discovered to contain a remote code execution (RCE) vulnerability... High Unreviewed
CVE-2025-56706 was published Sep 16, 2025
TOTOLINK X6000R V9.4.0cu.1360_B20241207 was found to contain a command injection vulnerability in... Critical Unreviewed
CVE-2025-52053 was published Sep 15, 2025
mcp-kubernetes-server has a Command Injection vulnerability Moderate
CVE-2025-59376 was published for mcp-kubernetes-server (pip) Sep 15, 2025
cai0duque
Credited to cai0duque
A vulnerability was determined in Tenda AC9 and AC15 15.03.05.14. This affects the function... Moderate Unreviewed
CVE-2025-10442 was published Sep 15, 2025
A vulnerability was found in D-Link DI-8100G, DI-8200G and DI-8003G 17.12.20A1/19.12.10A1.... Moderate Unreviewed
CVE-2025-10441 was published Sep 15, 2025
A vulnerability has been found in D-Link DI-8100, DI-8100G, DI-8200, DI-8200G, DI-8003 and DI... Moderate Unreviewed
CVE-2025-10440 was published Sep 15, 2025
A vulnerability was detected in Wavlink WL-WN578W2 221110. This impacts the function sub_404DBC... Moderate Unreviewed
CVE-2025-10359 was published Sep 13, 2025
A security vulnerability has been detected in Wavlink WL-WN578W2 221110. This affects the... Moderate Unreviewed
CVE-2025-10358 was published Sep 13, 2025
A security vulnerability has been detected in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by... Moderate Unreviewed
CVE-2025-10328 was published Sep 13, 2025
A weakness has been identified in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this... Moderate Unreviewed
CVE-2025-10327 was published Sep 12, 2025
A vulnerability was determined in Wavlink WL-WN578W2 221110. This affects the function sub_401C5C... Moderate Unreviewed
CVE-2025-10324 was published Sep 12, 2025
A vulnerability was identified in Wavlink WL-WN578W2 221110. This impacts the function sub_401340... Moderate Unreviewed
CVE-2025-10325 was published Sep 12, 2025
A vulnerability was found in Wavlink WL-WN578W2 221110. The impacted element is the function... Moderate Unreviewed
CVE-2025-10323 was published Sep 12, 2025
A security flaw has been discovered in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected is an... Moderate Unreviewed
CVE-2025-10326 was published Sep 12, 2025
The Evertz SDVN 3080ipx-10G is a High Bandwidth Ethernet Switching Fabric for Video Application.... Critical Unreviewed
CVE-2025-10364 was published Sep 12, 2025
Zabbix Agent 2 smartctl plugin does not properly sanitize smart.disk.get parameters, allowing an... Moderate Unreviewed
CVE-2025-27233 was published Sep 12, 2025
Ai command injection in Agentic AI and Visual Studio Code allows an unauthorized attacker to... High Unreviewed
CVE-2025-55319 was published Sep 12, 2025
An arbitrary file upload vulnerability in Beakon Application before v5.4.3 allows attackers to... Moderate Unreviewed
CVE-2025-55372 was published Sep 11, 2025
interactive-git-checkout has a Command Injection vulnerability Critical
CVE-2025-59046 was published for interactive-git-checkout (npm) Sep 10, 2025
lirantal
Credited to lirantal
An issue was discovered in mcp-neo4j 0.3.0 allowing attackers to gain sensitive information or... High Unreviewed
CVE-2025-56406 was published Sep 10, 2025
A command injection vulnerability in FTP-Flask-python through 5173b68 allows unauthenticated... Critical Unreviewed
CVE-2025-57633 was published Sep 9, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database