GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,989 advisories
An issue in BL-AC2100 V1.0.4 and before allows a remote attacker to execute arbitrary code via...
Critical | Unreviewed | CVE-2025-29063 was published Apr 2, 2025

A command injection vulnerability exists in the Infinxt iEdge 100 2.1.32 in the Troubleshoot...
Moderate | Unreviewed | CVE-2025-26056 was published Apr 1, 2025

In Netgear WNR854T 1.5.2 (North America), the UPNP service (/usr/sbin/upnp) is vulnerable to...
Critical | Unreviewed | CVE-2024-54802 was published Mar 31, 2025

A vulnerability, which was classified as critical, has been found in Digital China DCME-520 up to...
Moderate | Unreviewed | CVE-2025-3002 was published Mar 31, 2025

A command injection vulnerability in the telnet service of Adtran 411 ONT L80.00.0011.M2 allows...
Critical | Unreviewed | CVE-2025-22939 was published Mar 31, 2025

A command injection vulnerability in the web interface of Adtran 411 ONT L80.00.0011.M2 allows...
Critical | Unreviewed | CVE-2025-22941 was published Mar 31, 2025

A vulnerability has been found in Legrand SMS PowerView 1.x and classified as critical. Affected...
Moderate | Unreviewed | CVE-2025-2983 was published Mar 31, 2025

An issue was discovered in GitLab EE affecting all versions starting from 14.9 before 17.8.6, all...
Low | Unreviewed | CVE-2024-9773 was published Mar 27, 2025

A command injection vulnerability in the Command Dispatcher Service of NASA Fprime v3.4.3 allows...
Critical | Unreviewed | CVE-2024-55030 was published Mar 25, 2025

A command injection vulnerability in D-Link DIR-823X 240126 and 240802 allows an authorized...
High | Unreviewed | CVE-2025-29635 was published Mar 25, 2025

A vulnerability classified as critical has been found in mannaandpoem OpenManus up to 2025.3.13....
Moderate | Unreviewed | CVE-2025-2733 was published Mar 25, 2025

A vulnerability, which was classified as critical, has been found in D-Link DIR-823X 240126...
Moderate | Unreviewed | CVE-2025-2717 was published Mar 25, 2025

A vulnerability classified as critical was found in AMTT Hotel Broadband Operation System 1.0....
Moderate | Unreviewed | CVE-2025-2701 was published Mar 24, 2025

In Linksys E5600 V1.1.0.26, the \usr\share\lua\runtime.lua file contains a command injection...
High | Unreviewed | CVE-2025-29226 was published Mar 21, 2025

Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability in the...
High | Unreviewed | CVE-2025-29230 was published Mar 21, 2025

In Linksys E5600 V1.1.0.26, the \usr\share\lua\runtime.lua file contains a command injection...
High | Unreviewed | CVE-2025-29227 was published Mar 21, 2025

Linksys E5600 v1.1.0.26 was discovered to contain a command injection vulnerability via the pt...
High | Unreviewed | CVE-2025-29223 was published Mar 21, 2025

Mattermost Fails to Restrict Command Execution in Archived Channels
Moderate | CVE-2025-25274 was published for github.com/mattermost/mattermost/server/v8 (Go) Mar 21, 2025

AutoGPT versions 0.3.4 and earlier are vulnerable to a Server-Side Template Injection (SSTI) that...
High | Unreviewed | CVE-2025-1040 was published Mar 20, 2025

Duplicate Advisory: D-Tale Command Injection vulnerability
Critical | CVE-2025-0655 was published for dtale (pip) Mar 20, 2025 | withdrawn

A command injection vulnerability exists in the workflow-checker.yml workflow of significant...
High | Unreviewed | CVE-2024-8156 was published Mar 20, 2025

LiteLLM Vulnerable to Remote Code Execution (RCE)
High | CVE-2024-6825 was published for litellm (pip) Mar 20, 2025

In infiniflow/ragflow versions 0.12.0, the `web_crawl` function in `document_app.py` contains...
Moderate | Unreviewed | CVE-2024-12450 was published Mar 20, 2025

In the `manim` plugin of binary-husky/gpt_academic, versions prior to the fix, a vulnerability...
High | Unreviewed | CVE-2024-10954 was published Mar 20, 2025

Horovod Vulnerable to Command Injection
Critical | CVE-2024-10190 was published for horovod (pip) Mar 20, 2025