Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,640
Maven
5,000+
npm
4,265
NuGet
760
pip
4,061
Pub
12
RubyGems
956
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,000 advisories

Loading
A vulnerability classified as critical has been found in D-Link DIR-890L and DIR-806A1 up to... Moderate Unreviewed
CVE-2025-4340 was published May 6, 2025
A vulnerability was found in D-Link DIR-619L 2.04B04. It has been declared as critical. This... Moderate Unreviewed
CVE-2025-4454 was published May 9, 2025
Tenda FH451 V1.0.0.9 is vulnerable to Remote Code Execution in the formSafeEmailFilter function. Moderate Unreviewed
CVE-2025-44176 was published May 12, 2025
An arbitrary file upload vulnerability in the Image Gallery of ThingsBoard Community, ThingsBoard... Moderate Unreviewed
CVE-2024-55466 was published May 12, 2025
A vulnerability was found in D-Link DIR-619L 2.04B04. It has been classified as critical. This... Moderate Unreviewed
CVE-2025-4453 was published May 9, 2025
Improper neutralization of special elements used in a command ('command injection') in Visual... High Unreviewed
CVE-2025-32702 was published May 13, 2025
EnerSys AMPA versions 24.04 through 24.16, inclusive, are vulnerable to command injection leading... Critical Unreviewed
CVE-2024-12442 was published May 9, 2025
EnerSys AMPA 22.09 and prior versions are vulnerable to command injection leading to privileged... Critical Unreviewed
CVE-2024-11861 was published May 9, 2025
A vulnerability has been found in AMTT Hotel Broadband Operation System 1.0 and classified as... Moderate Unreviewed
CVE-2025-3983 was published Apr 27, 2025
An issue in dlink DNS-320 v.1.00 and DNS-320LW v.1.01.0914.20212 allows an attacker to execute... Moderate Unreviewed
CVE-2025-44023 was published May 8, 2025
A vulnerability was found in Netgear JWNR2000v2 1.0.0.11. It has been rated as critical. Affected... Moderate Unreviewed
CVE-2025-4122 was published Apr 30, 2025
A vulnerability classified as critical has been found in D-Link DIR-600L up to 2.07B01. This... High Unreviewed
CVE-2025-4349 was published May 6, 2025
TOTOLINK A950RG V4.1.2cu.5204_B20210112 contains a command execution vulnerability in the... Critical Unreviewed
CVE-2025-45800 was published May 2, 2025
A command execution vulnerability exists in the TOTOLINK A950RG V4.1.2cu.5204_B20210112. The... Moderate Unreviewed
CVE-2025-45798 was published May 8, 2025
A vulnerability classified as critical was found in D-Link DIR-600L up to 2.07B01. This... High Unreviewed
CVE-2025-4350 was published May 6, 2025
Jan v0.5.14 and before is vulnerable to remote code execution (RCE) when the user clicks on a... Critical Unreviewed
CVE-2025-29509 was published May 9, 2025
AWorld OS Command Injection vulnerability Low
CVE-2025-4032 was published for aworld (pip) Apr 28, 2025
D-Link DIR878 1.30B08 Hotfix_04 was discovered to contain a command injection vulnerability via... Critical Unreviewed
CVE-2022-43184 was published Oct 19, 2022
HTML injection vulnerability in lemeconsultoria HCM galera.app v.4.58.0 allows an attacker to... Moderate Unreviewed
CVE-2025-29154 was published May 7, 2025
When running in Appliance mode, a command injection vulnerability exists in an undisclosed... High Unreviewed
CVE-2025-31644 was published May 8, 2025
A vulnerability was found in TOTOLINK N150RT 3.4.0-B20190525. It has been rated as critical. This... Moderate Unreviewed
CVE-2025-3987 was published Apr 28, 2025
Tenda AC9 v15.03.05.14 was discovered to contain a command injection vulnerability via the Telnet... Critical Unreviewed
CVE-2025-45042 was published May 5, 2025
D-Link DIR-816 A2 1.10 B05 was discovered to contain multiple command injection vulnerabilities... High Unreviewed
CVE-2022-42999 was published Oct 27, 2022
myVesta Control Panel before 0.9.8-26-43 and Vesta Control Panel before 0.9.8-26 are vulnerable... High Unreviewed
CVE-2021-46850 was published Oct 24, 2022
goshs route not protected, allows command execution Critical
CVE-2025-46816 was published for github.com/patrickhener/goshs (Go) May 6, 2025
Guilhem7
Credited to Guilhem7
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database