GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,603
Composer 5,006
Erlang 39
GitHub Actions 38
Go 2,636
Maven 6,104
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,787

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,669 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

WRC-BE36QS-B and WRC-W701-B contain an improper neutralization of special elements used in an OS... High Unreviewed

CVE-2025-53472 was published Jul 22, 2025

An issue was discovered in Eveo URVE Web Manager 27.02.2025. The application exposes a /_internal... Critical Unreviewed

CVE-2025-36846 was published Jul 21, 2025

A command injection vulnerability in WebAdmin of Sophos Firewall versions older than 21.0 MR2 (21... High Unreviewed

CVE-2025-7382 was published Jul 21, 2025

An arbitrary file writing vulnerability in the Secure PDF eXchange (SPX) feature of Sophos... Critical Unreviewed

CVE-2025-6704 was published Jul 21, 2025

An issue was discovered in CommScope Ruckus Unleashed prior to 200.15.6.212.14 and 200.17.7.0.139... High Unreviewed

CVE-2025-46117 was published Jul 21, 2025

A high privileged remote attacker can execute arbitrary system commands via POST requests in the... High Unreviewed

CVE-2025-41674 was published Jul 21, 2025

A high privileged remote attacker can execute arbitrary system commands via GET requests in the... High Unreviewed

CVE-2025-41675 was published Jul 21, 2025

A high privileged remote attacker can execute arbitrary system commands via POST requests in the... High Unreviewed

CVE-2025-41673 was published Jul 21, 2025

The web application allows user input to pass unfiltered to a command executed on the underlying... Critical Unreviewed

CVE-2025-24936 was published Jul 21, 2025

The web application allows user input to pass unfiltered to a command executed on the underlying... High Unreviewed

CVE-2025-24938 was published Jul 21, 2025

A vulnerability has been found in Xuxueli xxl-job up to 3.1.1 and classified as critical.... Moderate Unreviewed

CVE-2025-7788 was published Jul 18, 2025

An unauthenticated command injection vulnerability exists in the cookie handling process of the... Critical Unreviewed

CVE-2025-34125 was published Jul 17, 2025

A remote code execution vulnerability exists in multiple Netcore and Netis routers models with... Critical Unreviewed

CVE-2025-34117 was published Jul 16, 2025

An authenticated multi-stage remote code execution vulnerability exists in Riverbed SteelCentral... Critical Unreviewed

CVE-2025-34112 was published Jul 15, 2025

Nexxt Solutions NCM-X1800 Mesh Router firmware UV1.2.7 and below contains an authenticated... Moderate Unreviewed

CVE-2025-52379 was published Jul 15, 2025

An unauthenticated command injection vulnerability exists in WePresent WiPG-1000 firmware... Critical Unreviewed

CVE-2025-34103 was published Jul 15, 2025

The iSherlock developed by Hgiga has an OS Command Injection vulnerability, allowing... Critical Unreviewed

CVE-2025-7451 was published Jul 14, 2025

A vulnerability classified as critical has been found in D-Link DIR-818LW up to 20191215. This... Moderate Unreviewed

CVE-2025-7553 was published Jul 14, 2025

Linksys E1000 devices through 2.1.02, E1200 devices before 2.0.05, and E3200 devices through 1.0... High Unreviewed

CVE-2013-3307 was published Jul 11, 2025

An Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... High Unreviewed

CVE-2025-52988 was published Jul 11, 2025

A hidden remote support feature protected by a static secret in TOTOLINK N300RB firmware version... Moderate Unreviewed

CVE-2025-52089 was published Jul 11, 2025

CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'... Critical Unreviewed

CVE-2025-50121 was published Jul 11, 2025

An authenticated command injection vulnerability exists in the Polycom HDX Series command shell... High Unreviewed

CVE-2025-34093 was published Jul 10, 2025

An OS command injection vulnerability exists in Mako Server versions 2.5 and 2.6, specifically... Critical Unreviewed

CVE-2025-34095 was published Jul 10, 2025

The device has two web servers that expose unauthenticated REST APIs on the management network ... Critical Unreviewed

CVE-2025-3499 was published Jul 9, 2025

Previous 1…12…147 Next

Previous 1 2 … 10 11 12 13 14 … 146 147 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,669 advisories