Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,645
Maven
5,000+
npm
4,271
NuGet
760
pip
4,065
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,002 advisories

Loading
TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command injection vulnerability in... Moderate Unreviewed
CVE-2025-44846 was published May 1, 2025
TOTOLINK CPE CP900 V6.3c.1144_B20190715 was discovered to contain a command injection... Moderate Unreviewed
CVE-2025-44836 was published May 1, 2025
TOTOLINK CPE CP900 V6.3c.1144_B20190715 was discovered to contain a command injection... Moderate Unreviewed
CVE-2025-44837 was published May 1, 2025
Totolink CP900 V6.3c.1144_B20190715 was found to contain a command injection vulnerability in the... Moderate Unreviewed
CVE-2025-44854 was published May 1, 2025
D-Link DIR-816 A2V1.1.0B05 was found to contain a command injection in iptablesWebsFilterRun,... Moderate Unreviewed
CVE-2025-44835 was published May 1, 2025
Authenticated command injection vulnerabilities exist in the ArubaOS command line interface.... High Unreviewed
CVE-2022-37900 was published Dec 12, 2022
A vulnerability classified as critical has been found in EasyNAS 1.1.0. Affected is the function... High Unreviewed
CVE-2023-0830 was published Feb 14, 2023
A HTML Injection vulnerability was discovered in the foreigner-search.php file of PHPGurukul Park... Moderate Unreviewed
CVE-2025-45011 was published Apr 30, 2025
A HTML Injection vulnerability was discovered in the normal-search.php file of PHPGurukul Park... Moderate Unreviewed
CVE-2025-45009 was published Apr 30, 2025
A HTML Injection vulnerability was discovered in the normal-bwdates-reports-details.php file of... Moderate Unreviewed
CVE-2025-45010 was published Apr 30, 2025
Zoho ManageEngine ADManager Plus through 7151 allows authenticated admin users to execute the... High Unreviewed
CVE-2022-42904 was published Nov 18, 2022
A vulnerability, which was classified as critical, has been found in SourceCodester Web-based... Moderate Unreviewed
CVE-2025-3729 was published Apr 16, 2025
Due to insufficient escaping of special characters in the "copy as cURL" feature, an attacker... Moderate Unreviewed
CVE-2025-4089 was published Apr 29, 2025
TOTOlink A7100RU V7.4cu.2313_B20191024 was discovered to contain a command injection... Critical Unreviewed
CVE-2022-44844 was published Nov 25, 2022
TOTOLINK NR1800X V9.1.0u.6279_B20210910 contains a command injection via the FileName parameter... Critical Unreviewed
CVE-2022-44249 was published Nov 23, 2022
TOTOLINK NR1800X V9.1.0u.6279_B20210910 contains a command injection via the hostName parameter... Critical Unreviewed
CVE-2022-44250 was published Nov 23, 2022
TOTOLINK NR1800X V9.1.0u.6279_B20210910 contains a command injection via the FileName parameter... Critical Unreviewed
CVE-2022-44252 was published Nov 23, 2022
TOTOLINK NR1800X V9.1.0u.6279_B20210910 contains a command injection via the ussd parameter in... Critical Unreviewed
CVE-2022-44251 was published Nov 23, 2022
YoutubeDLSharp allows command injection on windows system due to non sanitized arguments Critical
CVE-2025-43858 was published for YoutubeDLSharp (NuGet) Apr 23, 2025
kitsumed alxnull
Credited to kitsumed and alxnull
TOTOLINK A800R V4.1.2cu.5032_B20200408 is vulnerable to Command Injection in downloadFile.cgi via... Moderate Unreviewed
CVE-2025-28017 was published Apr 23, 2025
D-Link DVG-G5402SP GE_1.03 was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-44928 was published Dec 2, 2022
D-Link DHP-W310AV 3.10EU was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-44930 was published Dec 2, 2022
Markdown Preview Enhanced v0.6.5 and v0.19.6 for VSCode and Atom was discovered to contain a... Critical Unreviewed
CVE-2022-45025 was published Dec 7, 2022
Tenda W30E v1.0.1.25(633) was discovered to contain a command injection vulnerability via the... Critical Unreviewed
CVE-2022-45506 was published Dec 8, 2022
Tenda W6-S v1.0.0.4(510) was discovered to contain a command injection vulnerability in the... Critical Unreviewed
CVE-2022-45497 was published Dec 8, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database