Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

4,100 advisories

Loading
The Total Upkeep – WordPress Backup Plugin plus Restore & Migrate by BoldGrid plugin for... High Unreviewed
CVE-2025-2257 was published Mar 26, 2025
A vulnerability, which was classified as critical, has been found in D-Link DIR-823X 240126... Moderate Unreviewed
CVE-2025-2717 was published Mar 25, 2025
HCL DevOps Deploy / HCL Launch could allow a remote privileged authenticated attacker to execute... High Unreviewed
CVE-2025-0255 was published Mar 24, 2025
A vulnerability classified as critical was found in AMTT Hotel Broadband Operation System 1.0.... Moderate Unreviewed
CVE-2025-2701 was published Mar 24, 2025
Duplicate Advisory: D-Tale Command Injection vulnerability Critical
CVE-2025-0655 was published for dtale (pip) Mar 20, 2025 withdrawn
vLLM allows Remote Code Execution by Pickle Deserialization via AsyncEngineRPCServer() RPC server entrypoints Critical
CVE-2024-9053 was published for vllm (pip) Mar 20, 2025
A vulnerability in the `start_app_server` function of parisneo/lollms-webui V12 (Strawberry)... Moderate Unreviewed
CVE-2024-10019 was published Mar 20, 2025
Improper neutralization of special elements used in an OS command ('OS Command Injection') issue... High Unreviewed
CVE-2025-24306 was published Mar 18, 2025
Improper neutralization of special elements used in an OS command ('OS Command Injection') issue... High Unreviewed
CVE-2025-25220 was published Mar 18, 2025
Koha before 24.11.02 allows admins to execute arbitrary commands via shell metacharacters in the... High Unreviewed
CVE-2025-30076 was published Mar 16, 2025
A vulnerability in the CLI of Cisco IOS XR Software could allow an authenticated, local attacker... High Unreviewed
CVE-2025-20138 was published Mar 12, 2025
Multiple improper neutralization of special elements used in an OS Command vulnerabilities [CWE... High Unreviewed
CVE-2024-54018 was published Mar 11, 2025
An improper neutralization of special elements used in an OS Command vulnerability [CWE-78] in... High Unreviewed
CVE-2024-52961 was published Mar 11, 2025
Multiple improper neutralization of special elements used in an OS command ('OS Command Injection... High Unreviewed
CVE-2024-55590 was published Mar 11, 2025
Multiple improper neutralization of special elements used in an os command ('os command injection... Moderate Unreviewed
CVE-2024-32123 was published Mar 11, 2025
The authenticated firmware update capability of the firmware for Mennekes Smart / Premium... High Unreviewed
CVE-2025-22366 was published Mar 11, 2025
The authenticated time setting capability of the firmware for Mennekes Smart / Premium... High Unreviewed
CVE-2025-22367 was published Mar 11, 2025
The authenticated SCU firmware command of the firmware for Mennekes Smart / Premium... High Unreviewed
CVE-2025-22368 was published Mar 11, 2025
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0... High Unreviewed
CVE-2025-27392 was published Mar 11, 2025
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0... Low Unreviewed
CVE-2025-27398 was published Mar 11, 2025
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0... High Unreviewed
CVE-2025-27393 was published Mar 11, 2025
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions < V4.0... High Unreviewed
CVE-2025-27394 was published Mar 11, 2025
A post-authentication command injection vulnerability in the ”zyUtilMailSend” function of the... High Unreviewed
CVE-2024-12010 was published Mar 11, 2025
A post-authentication command injection vulnerability in the "DNSServer” parameter of the... High Unreviewed
CVE-2024-11253 was published Mar 11, 2025
A post-authentication command injection vulnerability in the "ZyEE" function of the Zyxel EX5601... High Unreviewed
CVE-2024-12009 was published Mar 11, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database