GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,603
Composer 5,006
Erlang 39
GitHub Actions 38
Go 2,636
Maven 6,104
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,513

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

3,668 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Dell Unity, version(s) 5.5 and Prior, contain(s) an Improper Neutralization of Special Elements... High Unreviewed

CVE-2025-43941 was published Oct 30, 2025

Dell Unity, version(s) 5.5 and Prior, contain(s) an Improper Neutralization of Special Elements... High Unreviewed

CVE-2025-43940 was published Oct 30, 2025

Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements... High Unreviewed

CVE-2025-46422 was published Oct 30, 2025

Dell Unity, version(s) 5.5 and prior, contain(s) an Improper Neutralization of Special Elements... High Unreviewed

CVE-2025-43942 was published Oct 30, 2025

win-cli-mcp-server resolveCommandPath Command Injection Remote Code Execution Vulnerability. This... Critical Unreviewed

CVE-2025-11202 was published Oct 29, 2025

D-Link DNS-343 ShareCenter devices running firmware versions up to and including 1.05 contain a... Critical Unreviewed

CVE-2018-25120 was published Oct 29, 2025

IPFire versions prior to 2.29 (Core Update 198) contain a command injection vulnerability that... High Unreviewed

CVE-2025-34312 was published Oct 28, 2025

IPFire versions prior to 2.29 (Core Update 198) contain a command injection vulnerability that... High Unreviewed

CVE-2025-34311 was published Oct 28, 2025

The “Diagnostics Tools” page of the web-based configuration utility does not properly validate... High Unreviewed

CVE-2025-1038 was published Oct 28, 2025

Command injection vulnerability exists in the “Logging” page of the web-based configuration... High Unreviewed

CVE-2025-1036 was published Oct 28, 2025

A security vulnerability has been detected in D-Link DAP-2695 2.00RC13. The impacted element is... Moderate Unreviewed

CVE-2025-12296 was published Oct 27, 2025

Antabot White-Jotter up to commit 9bcadc was discovered to contain an unauthenticated remote code... Critical Unreviewed

CVE-2025-60803 was published Oct 24, 2025

OpenVPN 2.7_alpha1 through 2.7_beta1 on POSIX based platforms allows a remote authenticated... High Unreviewed

CVE-2025-10680 was published Oct 24, 2025

Diagnostics command injection vulnerability High Unreviewed

CVE-2025-6978 was published Oct 23, 2025

AMTT Hotel Broadband Operation System (HiBOS) contains an unauthenticated command injection... Critical Unreviewed

CVE-2016-15048 was published Oct 22, 2025

Hikvision CSMP (Comprehensive Security Management Platform) iSecure Center through 2024-08-01... High Unreviewed

CVE-2024-58274 was published Oct 22, 2025

A post-authentication command injection vulnerability in Zyxel ATP series firmware versions from... High Unreviewed

CVE-2025-8078 was published Oct 21, 2025

A command injection vulnerability may be exploited after the admin's authentication on the web... Critical Unreviewed

CVE-2025-7850 was published Oct 21, 2025

An arbitrary OS command may be executed on the product by the user who can log in to the web... High Unreviewed

CVE-2025-6541 was published Oct 21, 2025

An arbitrary OS command may be executed on the product by a remote unauthenticated attacker. Critical Unreviewed

CVE-2025-6542 was published Oct 21, 2025

GeoVision embedded IP devices, confirmed on GV-BX1500 and GV-MFD1501, contain a remote command... Critical Unreviewed

CVE-2018-25118 was published Oct 21, 2025

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... High Unreviewed

CVE-2025-47901 was published Oct 20, 2025

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... High Unreviewed

CVE-2025-47900 was published Oct 20, 2025

The iSherlock developed by HGiga has an OS Command Injection vulnerability, allowing... Critical Unreviewed

CVE-2025-11900 was published Oct 17, 2025

Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain an OS command injection... Critical Unreviewed

CVE-2025-34513 was published Oct 16, 2025

Previous 12…147 Next

Previous 1 2 3 4 5 … 146 147 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

3,668 advisories