GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
2,996 advisories
In Progress Telerik Reporting versions prior to 2024 Q3 (2024.3.924), a command injection attack...
High
Unreviewed
CVE-2024-7840
was published
Oct 9, 2024
A vulnerability has been identified in CP-8031 MASTER MODULE (All versions < CPCI85 V05), CP-8050...
High
Unreviewed
CVE-2023-33919
was published
Jun 13, 2023
D-Link DIR810LA1_FW102B22 was discovered to contain a command injection vulnerability via the...
Critical
Unreviewed
CVE-2022-34974
was published
Aug 4, 2022
A flaw was found in SSSD, where the sssctl command was vulnerable to shell command injection via...
High
Unreviewed
CVE-2021-3621
was published
Dec 24, 2021
A vulnerability was detected in D-Link DAP-2695 2.00RC131. This affects the function...
Moderate
Unreviewed
CVE-2025-11665
was published
Oct 13, 2025
A vulnerability has been found in D-Link DI-7001 MINI 19.09.19A1/24.04.18B1. The affected element...
Moderate
Unreviewed
CVE-2025-12313
was published
Oct 27, 2025
A security vulnerability has been detected in D-Link DAP-2695 2.00RC13. The impacted element is...
Moderate
Unreviewed
CVE-2025-12296
was published
Oct 27, 2025
SPH Engineering UgCS 5.13.0 is vulnerable to Arbitrary code execution.
High
Unreviewed
CVE-2025-60595
was published
Oct 29, 2025
NeuVector Enforcer is vulnerable to Command Injection and Buffer overflow
Critical
CVE-2025-54469
was published
for
github.com/neuvector/neuvector
(Go)
Oct 21, 2025
A local privilege escalation vulnerability in the WatchGuard Mobile VPN with SSL client on...
Moderate
Unreviewed
CVE-2025-1549
was published
Oct 29, 2025
The LB-Link routers, including the BL-AC2100_AZ3 V1.0.4, BL-WR4000 v2.5.0, BL-WR9000_AE4 v2.4.9,...
Moderate
Unreviewed
CVE-2025-57685
was published
Sep 22, 2025
jshERP up to commit fbda24da was discovered to contain an unauthenticated remote code execution...
High
Unreviewed
CVE-2025-60801
was published
Oct 24, 2025
Command injection vulnerability in the Edge Computing UI for the TRO600 series radios that allows...
High
Unreviewed
CVE-2024-41153
was published
Oct 29, 2024
The TLS4B ATG system's SOAP-based interface is vulnerable due to its accessibility through the...
Critical
Unreviewed
CVE-2025-58428
was published
Oct 23, 2025
An issue was discovered in BAE SOCET GXP before 4.6.0.2. An attacker with the ability to interact...
Moderate
Unreviewed
CVE-2025-54964
was published
Oct 23, 2025
Bambu Studio 2.1.1.52 and earlier is affected by a vulnerability that allows arbitrary code...
Moderate
Unreviewed
CVE-2025-57521
was published
Oct 21, 2025
Apache HugeGraph-Server: Command execution in gremlin
Critical
CVE-2024-27348
was published
for
org.apache.hugegraph:hugegraph-api
(Maven)
Apr 22, 2024
Remote code execution (RCE) in Apache Airflow
High
CVE-2020-11978
was published
for
apache-airflow
(pip)
Jul 27, 2020
Remote code execution in PHPMailer
Critical
CVE-2016-10033
was published
for
phpmailer/phpmailer
(Composer)
Mar 5, 2020
A command injection vulnerability in Palo Alto Networks PAN-OS® enables an authenticated...
High
Unreviewed
CVE-2025-4231
was published
Jun 13, 2025
A high privileged remote attacker can influence the parameters passed to the openssl command due...
Low
Unreviewed
CVE-2025-41721
was published
Oct 22, 2025
The D-Link DIR-645 Wired/Wireless Router Rev. Ax with firmware 1.04b12 and earlier allows remote...
High
Unreviewed
CVE-2015-2051
was published
May 17, 2022
Exim 4.72 and earlier allows local users to gain privileges by leveraging the ability of the exim...
Moderate
Unreviewed
CVE-2010-4345
was published
May 13, 2022
HP OpenView Network Node Manager 6.2 through 7.50 allows remote attackers to execute arbitrary...
High
Unreviewed
CVE-2005-2773
was published
May 1, 2022
masterCGI in the Unified Maintenance Tool in Alcatel OmniPCX Enterprise Communication Server R7.1...
High
Unreviewed
CVE-2007-3010
was published
May 1, 2022