Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,638
Maven
5,000+
npm
4,264
NuGet
760
pip
4,060
Pub
12
RubyGems
956
Rust
1,056
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,618 advisories

Loading
A command injection vulnerability exists in the /check_image_and_trigger_recovery API endpoint of... Critical Unreviewed
CVE-2024-13871 was published Mar 12, 2025
Improper neutralization of special elements used in a command ('command injection') in Azure Arc... High Unreviewed
CVE-2025-26627 was published Mar 11, 2025
Improper neutralization of special elements used in a command ('command injection') in Azure... High Unreviewed
CVE-2025-24049 was published Mar 11, 2025
A vulnerability classified as critical was found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. This... Moderate Unreviewed
CVE-2025-2096 was published Mar 8, 2025
A vulnerability was found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316. It has been rated as... Moderate Unreviewed
CVE-2025-2094 was published Mar 8, 2025
A vulnerability classified as critical has been found in TOTOLINK EX1800T 9.1.0cu.2112_B20220316.... Moderate Unreviewed
CVE-2025-2095 was published Mar 8, 2025
A command injection vulnerability has been reported to affect QHora. If exploited, the... Moderate Unreviewed
CVE-2024-53700 was published Mar 7, 2025
A command injection vulnerability has been reported to affect several QNAP operating system... Moderate Unreviewed
CVE-2024-53692 was published Mar 7, 2025
Dell ThinOS 2411 and prior, contains an Improper Neutralization of Special Elements used in a... High Unreviewed
CVE-2025-26331 was published Mar 7, 2025
SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the... Moderate Unreviewed
CVE-2025-25813 was published Mar 6, 2025
SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the... Moderate Unreviewed
CVE-2025-25802 was published Mar 6, 2025
SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the... Moderate Unreviewed
CVE-2025-25797 was published Mar 6, 2025
SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the... Moderate Unreviewed
CVE-2025-25796 was published Mar 6, 2025
SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the... Moderate Unreviewed
CVE-2025-25793 was published Mar 6, 2025
SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the... Moderate Unreviewed
CVE-2025-25794 was published Mar 6, 2025
Smartwares cameras CIP-37210AT and C724IP, as well as others which share the same firmware in... High Unreviewed
CVE-2024-13892 was published Mar 6, 2025
Tenda AC15 v15.03.05.19 is vulnerable to Command Injection via the handler function in /goform... Critical Unreviewed
CVE-2025-25632 was published Mar 5, 2025
SeaCMS v13.3 was discovered to contain a remote code execution (RCE) vulnerability via the isopen... Moderate Unreviewed
CVE-2025-25792 was published Mar 3, 2025
An arbitrary file upload vulnerability in the plugin installation feature of YZNCMS v2.0.1 allows... Moderate Unreviewed
CVE-2025-25791 was published Mar 3, 2025
A vulnerability has been found in ESAFENET DSM 3.1.2 and classified as critical. Affected by this... Moderate Unreviewed
CVE-2025-1845 was published Mar 3, 2025
A vulnerability was found in TOTOLINK X18 9.1.0cu.2024_B20220329. It has been declared as... Moderate Unreviewed
CVE-2025-1829 was published Mar 2, 2025
A vulnerability, which was classified as critical, was found in Tenda AC7 1200M 15.03.06.44.... Moderate Unreviewed
CVE-2025-1819 was published Mar 2, 2025
A vulnerability has been found in D-Link DAR-7000 3.2 and classified as critical. This... Moderate Unreviewed
CVE-2025-1800 was published Mar 1, 2025
An Improper Neutralization of Escape Sequences vulnerability could allow an Authentication Bypass... High Unreviewed
CVE-2025-23119 was published Mar 1, 2025
A vulnerability in the CLI of Cisco APIC could allow an authenticated, local attacker to execute... Moderate Unreviewed
CVE-2025-20117 was published Feb 26, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database