GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
3,669 advisories
ColdFusion versions 2025.2, 2023.14, 2021.20 and earlier are affected by an Improper...
High | Unreviewed | CVE-2025-49537 was published Jul 8, 2025

OS command injection in Ivanti Endpoint Manager Mobile (EPMM) before version 12.5.0.2,12.4.0.3 ...
High | Unreviewed | CVE-2025-6771 was published Jul 8, 2025

OS command injection in Ivanti Endpoint Manager Mobile (EPMM) before version 12.5.0.2 allows a...
High | Unreviewed | CVE-2025-6770 was published Jul 8, 2025

An unauthenticated local attacker can inject a command that is subsequently executed as root,...
High | Unreviewed | CVE-2025-25269 was published Jul 8, 2025

In Splunk Enterprise versions below 9.4.3, 9.3.5, 9.2.7, and 9.1.10, a user who holds a role that...
Moderate | Unreviewed | CVE-2025-20319 was published Jul 7, 2025

A remote attacker with administrator account can gain full control of the device due to improper...
Critical | Unreviewed | CVE-2025-3626 was published Jul 7, 2025

A physical attacker with no privileges can gain full control of the affected device due to...
Moderate | Unreviewed | CVE-2025-3705 was published Jul 7, 2025

An OS command injection issue exists in Nimesa Backup and Recovery v2.3 and v2.4. If this...
Critical | Unreviewed | CVE-2025-48501 was published Jul 7, 2025

ThreatSonar Anti-Ransomware developed by TeamT5 has an OS Command Injection vulnerability,...
High | Unreviewed | CVE-2025-7145 was published Jul 7, 2025

A vulnerability, which was classified as critical, has been found in Comodo Internet Security...
High | Unreviewed | CVE-2025-7097 was published Jul 7, 2025

In the Production Environment extension in Netmake ScriptCase through 9.12.006 (23), shell...
Moderate | Unreviewed | CVE-2025-47228 was published Jul 5, 2025

An authenticated remote code execution vulnerability exists in Pandora FMS version 7.0NG and...
High | Unreviewed | CVE-2025-34088 was published Jul 3, 2025

An authenticated command injection vulnerability exists in Pi-hole versions up to 3.3. When...
Critical | Unreviewed | CVE-2025-34087 was published Jul 3, 2025

A command injection vulnerability exists in IGEL OS versions prior to 11.04.270 within the Secure...
Critical | Unreviewed | CVE-2025-34082 was published Jul 3, 2025

A vulnerability in Cisco Spaces Connector could allow an authenticated, local attacker to elevate...
Moderate | Unreviewed | CVE-2025-20308 was published Jul 2, 2025

An unauthenticated command injection vulnerability exists in stamparm/maltrail (Maltrail)...
Critical | Unreviewed | CVE-2025-34073 was published Jul 2, 2025

A vulnerability classified as critical was found in D-Link DI-7300G+ 19.12.25A1. Affected by this...
Moderate | Unreviewed | CVE-2025-6897 was published Jun 30, 2025

A command injection in the networking service of the MIB3 infotainment allows an attacker already...
High | Unreviewed | CVE-2023-28906 was published Jun 28, 2025

An OS command injection issue exists in multiple versions of TB-eye network recorders and AHD...
High | Unreviewed | CVE-2025-36529 was published Jun 27, 2025

A vulnerability was found in TOTOLINK CA300-PoE 6.2c.884. It has been classified as critical....
Moderate | Unreviewed | CVE-2025-6618 was published Jun 26, 2025

A vulnerability was found in TOTOLINK CA300-PoE 6.2c.884. It has been declared as critical....
Moderate | Unreviewed | CVE-2025-6619 was published Jun 26, 2025

A code injection vulnerability exists in Yonyou UFIDA NC v6.5 and prior due to the exposure of...
Critical | Unreviewed | CVE-2025-34039 was published Jun 26, 2025

Multiple wireless router models from Sapido have an OS Command Injection vulnerability, allowing...
Critical | Unreviewed | CVE-2025-6559 was published Jun 26, 2025

An OS command injection vulnerability exists in the Chinese versions of Sangfor Endpoint...
Critical | Unreviewed | CVE-2025-34041 was published Jun 26, 2025

An OS command injection vulnerability exists in EnGenius EnShare Cloud Service version 1.4.11 and...
Critical | Unreviewed | CVE-2025-34035 was published Jun 26, 2025
ProTip! Advisories are also available from the GraphQL API.