GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,603
Composer 5,006
Erlang 39
GitHub Actions 38
Go 2,636
Maven 6,104
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,574

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,612 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A Command Injection vulnerability, resulting from improper file path sanitization (Directory... High Unreviewed

CVE-2025-12155 was published Nov 10, 2025

Dell CloudLink, versions prior 8.1.1, contain a Command Injection vulnerability which can be... Moderate Unreviewed

CVE-2025-46365 was published Nov 5, 2025

An issue in NetSurf v.3.11 allows a remote attacker to execute arbitrary code via the... Moderate Unreviewed

CVE-2024-51317 was published Nov 3, 2025

SPH Engineering UgCS 5.13.0 is vulnerable to Arbitary code execution. High Unreviewed

CVE-2025-60595 was published Oct 29, 2025

A local privilege escalation vulnerability in the WatchGuard Mobile VPN with SSL client on... Moderate Unreviewed

CVE-2025-1549 was published Oct 29, 2025

A vulnerability has been found in D-Link DI-7001 MINI 19.09.19A1/24.04.18B1. The affected element... Moderate Unreviewed

CVE-2025-12313 was published Oct 27, 2025

A security vulnerability has been detected in D-Link DAP-2695 2.00RC13. The impacted element is... Moderate Unreviewed

CVE-2025-12296 was published Oct 27, 2025

jshERP up to commit fbda24da was discovered to contain an unauthenticated remote code execution ... High Unreviewed

CVE-2025-60801 was published Oct 24, 2025

The TLS4B ATG system's SOAP-based interface is vulnerable due to its accessibility through the... Critical Unreviewed

CVE-2025-58428 was published Oct 23, 2025

An issue was discovered in BAE SOCET GXP before 4.6.0.2. An attacker with the ability to interact... Moderate Unreviewed

CVE-2025-54964 was published Oct 23, 2025

A high privileged remote attacker can influence the parameters passed to the openssl command due... Low Unreviewed

CVE-2025-41721 was published Oct 22, 2025

Reolink desktop application 8.18.12 contains a command injection vulnerability in its scheduled... Moderate Unreviewed

CVE-2025-56799 was published Oct 21, 2025

Bambu Studio 2.1.1.52 and earlier is affected by a vulnerability that allows arbitrary code... Moderate Unreviewed

CVE-2025-57521 was published Oct 21, 2025

Zohocorp ManageEngine ADManager Plus version before 8024 are vulnerable to authenticated command... Critical Unreviewed

CVE-2025-10020 was published Oct 21, 2025

Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability... Moderate Unreviewed

CVE-2025-62696 was published Oct 21, 2025

Reolink Video Doorbell WiFi DB_566128M5MP_W performs insufficient validation of firmware update... Moderate Unreviewed

CVE-2025-60855 was published Oct 16, 2025

An arbitrary file upload vulnerability in SageMath, Inc CoCalc before commit 0d2ff58 allows... Moderate Unreviewed

CVE-2025-61514 was published Oct 16, 2025

Command injection in some Zoom Clients for Windows may allow an authenticated user to conduct a... Moderate Unreviewed

CVE-2025-58132 was published Oct 15, 2025

A vulnerability in the web-based management interface of network access point configuration... High Unreviewed

CVE-2025-37146 was published Oct 14, 2025

An authenticated command injection vulnerability exists in the CLI binary of an AOS-8 Controller... High Unreviewed

CVE-2025-37134 was published Oct 14, 2025

An authenticated command injection vulnerability exists in the CLI binary of an AOS-8 Controller... High Unreviewed

CVE-2025-37133 was published Oct 14, 2025

An authenticated command injection vulnerability exists in the command line interface binary of... Moderate Unreviewed

CVE-2025-37138 was published Oct 14, 2025

A vulnerability was detected in D-Link DAP-2695 2.00RC131. This affects the function... Moderate Unreviewed

CVE-2025-11665 was published Oct 13, 2025

An arbitrary file upload vulnerability exists in JeeWMS 20250820, which is caused by the lack of... Moderate Unreviewed

CVE-2025-60268 was published Oct 10, 2025

An arbitrary file upload vulnerability in MCMS v6.0.1 allows attackers to execute arbitrary code... Moderate Unreviewed

CVE-2025-60838 was published Oct 10, 2025

Previous1…105 Next

Previous 1 2 3 4 5 … 104 105 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,612 advisories