GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,603
Composer 5,006
Erlang 39
GitHub Actions 38
Go 2,636
Maven 6,104
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,600

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,668 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

An OS command injection vulnerability in user interface in Western Digital My Cloud firmware... Critical Unreviewed

CVE-2025-30247 was published Sep 29, 2025

OS Command injection vulnerability in PublicCMS PublicCMS-V5.202506.a, and PublicCMS-V5.202506.b... High Unreviewed

CVE-2025-57516 was published Sep 29, 2025

Multiple robotic products by Unitree sharing a common firmware, including the Go2, G1, H1, and B2... High Unreviewed

CVE-2025-35027 was published Sep 26, 2025

Unitree Go2, G1, H1, and B2 devices through 2025-09-20 allow root OS command injection via the... High Unreviewed

CVE-2025-60017 was published Sep 26, 2025

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... Critical Unreviewed

CVE-2025-11005 was published Sep 25, 2025

Dell Cloud Disaster Recovery, version(s) prior to 19.20, contain(s) an Improper Neutralization of... Moderate Unreviewed

CVE-2025-43943 was published Sep 25, 2025

Nagios XI < 2026R1 is vulnerable to an authenticated command injection vulnerability within the... High Unreviewed

CVE-2025-34227 was published Sep 25, 2025

Ericsson Indoor Connect 8855 contains a command injection vulnerability which if exploited can... High Unreviewed

CVE-2025-27262 was published Sep 25, 2025

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... Critical Unreviewed

CVE-2025-52906 was published Sep 24, 2025

An issue in Datart v.1.0.0-rc.3 allows a remote attacker to execute arbitrary code via the INIT... Critical Unreviewed

CVE-2025-56819 was published Sep 24, 2025

OS Command injection vulnerability in D-Link C1 2020-02-21. The sub_47F028 function in jhttpd... Moderate Unreviewed

CVE-2025-57636 was published Sep 23, 2025

OS Command injection vulnerability in Tenda AC9 1.0 was discovered to contain a command injection... Moderate Unreviewed

CVE-2025-57639 was published Sep 23, 2025

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... Critical Unreviewed

CVE-2025-9588 was published Sep 23, 2025

An OS command injection vulnerability has been discovered in the Vitogate 300, which can be... High Unreviewed

CVE-2025-9494 was published Sep 23, 2025

CWP (aka Control Web Panel or CentOS Web Panel) before 0.9.8.1205 allows unauthenticated remote... Critical Unreviewed

CVE-2025-48703 was published Sep 22, 2025

HyperX NGENUITY software is potentially vulnerable to arbitrary code execution. HP is releasing... Moderate Unreviewed

CVE-2025-10568 was published Sep 19, 2025

IBM Lakehouse (watsonx.data 2.2) could allow an authenticated privileged user to execute... Moderate Unreviewed

CVE-2025-36143 was published Sep 18, 2025

NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python... Critical Unreviewed

CVE-2025-23316 was published Sep 18, 2025

The N-Reporter, N-Cloud, and N-Probe developed by N-Partner has an OS Command Injection... Critical Unreviewed

CVE-2025-9972 was published Sep 17, 2025

Improper neutralization of special elements used in an OS command ('OS Command Injection') issue... High Unreviewed

CVE-2025-58116 was published Sep 17, 2025

In LemonLDAP::NG before 2.16.7 and 2.17 through 2.21 before 2.21.3, OS command injection can... High Unreviewed

CVE-2025-59518 was published Sep 17, 2025

The N-Reporter, N-Cloud, and N-Probe developed by N-Partner has an OS Command Injection... High Unreviewed

CVE-2025-10589 was published Sep 17, 2025

A vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN Gateways Command Line... High Unreviewed

CVE-2025-37126 was published Sep 17, 2025

A vulnerable feature in the command line interface of EdgeConnect SD-WAN could allow an... Moderate Unreviewed

CVE-2025-37129 was published Sep 17, 2025

Ilevia EVE X1/X5 Server version ≤ 4.7.18.0.eden contains a misconfiguration in the sudoers file... Critical Unreviewed

CVE-2025-34187 was published Sep 16, 2025

Previous 1…5…147 Next

Previous 1 2 3 4 5 6 7 … 146 147 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,668 advisories