Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,635
Maven
5,000+
npm
4,262
NuGet
760
pip
4,057
Pub
12
RubyGems
956
Rust
1,054
Swift
45
Unreviewed advisories
All unreviewed
5,000+

542 advisories

Loading
Apache Airflow has a command injection vulnerability in "example_dag_decorator" Moderate
CVE-2025-54941 was published for apache-airflow (pip) Oct 30, 2025
FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name Moderate
CVE-2025-62801 was published for fastmcp (pip) Oct 29, 2025
nil340
Credited to nil340
A security vulnerability has been detected in D-Link DAP-2695 2.00RC13. The impacted element is... Moderate Unreviewed
CVE-2025-12296 was published Oct 27, 2025
When a user attempts to initialize the rSeries FIPS module using a password with special shell... Moderate Unreviewed
CVE-2025-60013 was published Oct 15, 2025
A vulnerability was detected in D-Link DAP-2695 2.00RC131. This affects the function... Moderate Unreviewed
CVE-2025-11665 was published Oct 13, 2025
Multiple instances of an Improper Neutralization of Special Elements used in an OS Command ('OS... Moderate Unreviewed
CVE-2025-60006 was published Oct 9, 2025
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release... Moderate Unreviewed
CVE-2025-36569 was published Oct 7, 2025
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release... Moderate Unreviewed
CVE-2025-36567 was published Oct 7, 2025
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release... Moderate Unreviewed
CVE-2025-36566 was published Oct 7, 2025
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release... Moderate Unreviewed
CVE-2025-43908 was published Oct 7, 2025
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release... Moderate Unreviewed
CVE-2025-43890 was published Oct 7, 2025
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release... Moderate Unreviewed
CVE-2025-43906 was published Oct 7, 2025
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release... Moderate Unreviewed
CVE-2025-43911 was published Oct 7, 2025
A command injection vulnerability has been reported to affect several QNAP operating system... Moderate Unreviewed
CVE-2025-47212 was published Oct 3, 2025
A weakness has been identified in D-Link DIR-816L 206b01. Affected by this issue is the function... Moderate Unreviewed
CVE-2025-9727 was published Oct 1, 2025
Dell Cloud Disaster Recovery, version(s) prior to 19.20, contain(s) an Improper Neutralization of... Moderate Unreviewed
CVE-2025-43943 was published Sep 25, 2025
OS Command injection vulnerability in D-Link C1 2020-02-21. The sub_47F028 function in jhttpd... Moderate Unreviewed
CVE-2025-57636 was published Sep 23, 2025
OS Command injection vulnerability in Tenda AC9 1.0 was discovered to contain a command injection... Moderate Unreviewed
CVE-2025-57639 was published Sep 23, 2025
HyperX NGENUITY software is potentially vulnerable to arbitrary code execution. HP is releasing... Moderate Unreviewed
CVE-2025-10568 was published Sep 19, 2025
IBM Lakehouse (watsonx.data 2.2) could allow an authenticated privileged user to execute... Moderate Unreviewed
CVE-2025-36143 was published Sep 18, 2025
A vulnerable feature in the command line interface of EdgeConnect SD-WAN could allow an... Moderate Unreviewed
CVE-2025-37129 was published Sep 17, 2025
A vulnerability was detected in Wavlink WL-WN578W2 221110. This impacts the function sub_404DBC... Moderate Unreviewed
CVE-2025-10359 was published Sep 13, 2025
A security vulnerability has been detected in Wavlink WL-WN578W2 221110. This affects the... Moderate Unreviewed
CVE-2025-10358 was published Sep 13, 2025
A security vulnerability has been detected in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by... Moderate Unreviewed
CVE-2025-10328 was published Sep 13, 2025
A weakness has been identified in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this... Moderate Unreviewed
CVE-2025-10327 was published Sep 12, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database