GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
3,724 advisories
A vulnerability in Cisco Spaces Connector could allow an authenticated, local attacker to elevate...
Moderate | Unreviewed | CVE-2025-20308 was published Jul 2, 2025
An unauthenticated command injection vulnerability exists in stamparm/maltrail (Maltrail)...
Critical | Unreviewed | CVE-2025-34073 was published Jul 2, 2025
Conductor vulnerable to OS command injection through unrestricted access to Java classes
Critical | CVE-2025-26074 was published for org.conductoross:conductor-core (Maven) Jun 30, 2025
A vulnerability classified as critical was found in D-Link DI-7300G+ 19.12.25A1. Affected by this...
Moderate | Unreviewed | CVE-2025-6897 was published Jun 30, 2025
A command injection in the networking service of the MIB3 infotainment allows an attacker already...
High | Unreviewed | CVE-2023-28906 was published Jun 28, 2025
An OS command injection issue exists in multiple versions of TB-eye network recorders and AHD...
High | Unreviewed | CVE-2025-36529 was published Jun 27, 2025
A vulnerability was found in TOTOLINK CA300-PoE 6.2c.884. It has been classified as critical....
Moderate | Unreviewed | CVE-2025-6618 was published Jun 26, 2025
A vulnerability was found in TOTOLINK CA300-PoE 6.2c.884. It has been declared as critical....
Moderate | Unreviewed | CVE-2025-6619 was published Jun 26, 2025
A code injection vulnerability exists in Yonyou UFIDA NC v6.5 and prior due to the exposure of...
Critical | Unreviewed | CVE-2025-34039 was published Jun 26, 2025
An OS command injection vulnerability exists in the Chinese versions of Sangfor Endpoint...
Critical | Unreviewed | CVE-2025-34041 was published Jun 26, 2025
Multiple wireless router models from Sapido have an OS Command Injection vulnerability, allowing...
Critical | Unreviewed | CVE-2025-6559 was published Jun 26, 2025
iOS Simulator MCP Command Injection allowed via exec API
Moderate | CVE-2025-52573 was published for ios-simulator-mcp (npm) Jun 26, 2025
Certain hybrid DVR models (HBF-09KD and HBF-16NK) from Hunt Electronic have an OS Command...
High | Unreviewed | CVE-2025-6562 was published Jun 26, 2025
A vulnerability was found in TOTOLINK CA300-PoE 6.2c.884. It has been rated as critical. Affected...
Moderate | Unreviewed | CVE-2025-6620 was published Jun 26, 2025
A vulnerability classified as critical has been found in TOTOLINK CA300-PoE 6.2c.884. This...
Moderate | Unreviewed | CVE-2025-6621 was published Jun 26, 2025
A user with specific node group editing permissions and a specially crafted class parameter could...
High | Unreviewed | CVE-2025-5459 was published Jun 26, 2025
WRC-X3000GS, WRC-X3000GSA, and WRC-X3000GSN contain an improper neutralization of special...
High | Unreviewed | CVE-2025-41427 was published Jun 24, 2025
WRH-733GBK and WRH-733GWH contain an improper neutralization of special elements used in an OS...
Critical | Unreviewed | CVE-2025-48890 was published Jun 24, 2025
WRH-733GBK and WRH-733GWH contain an improper neutralization of special elements used in an OS...
Critical | Unreviewed | CVE-2025-43879 was published Jun 24, 2025
Meridian Technique Materialise OrthoView through 7.5.1 allows OS Command Injection when servlet...
High | Unreviewed | CVE-2025-23049 was published Jun 23, 2025
Aviatrix Controller versions prior to 7.1.4208, 7.2.5090, and 8.0.0 fail to sanitize user input...
High | Unreviewed | CVE-2025-2172 was published Jun 23, 2025
An OS command injection vulnerability exists in the Edimax EW-7438RPn Mini firmware version 1.13...
Critical | Unreviewed | CVE-2025-34029 was published Jun 20, 2025
A command injection vulnerability was discovered in the TrustyAI Explainability toolkit....
Moderate | Unreviewed | CVE-2025-6193 was published Jun 20, 2025
Some Hikvision Wireless Access Point are vulnerable to authenticated remote command execution due...
High | Unreviewed | CVE-2025-39240 was published Jun 13, 2025
A command injection vulnerability in Palo Alto Networks PAN-OS® software enables an authenticated...
High | Unreviewed | CVE-2025-4230 was published Jun 13, 2025