Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,651
Maven
5,000+
npm
4,279
NuGet
760
pip
4,066
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,013 advisories

Loading
GitLab has remediated an issue in GitLab EE affecting all versions from 17.8 before 18.3.6, 18.4... Low Unreviewed
CVE-2025-6945 was published Nov 15, 2025
An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware... Moderate Unreviewed
CVE-2025-60673 was published Nov 13, 2025
A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1_FW102B02... Moderate Unreviewed
CVE-2025-60701 was published Nov 13, 2025
A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1_FW102B02... Moderate Unreviewed
CVE-2025-60700 was published Nov 13, 2025
An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware... Moderate Unreviewed
CVE-2025-60676 was published Nov 13, 2025
An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware... Moderate Unreviewed
CVE-2025-60672 was published Nov 13, 2025
A command injection vulnerability exists in the D-Link DIR-823G router firmware DIR823G_V1.0... Moderate Unreviewed
CVE-2025-60675 was published Nov 13, 2025
An issue in Intermesh BV GroupOffice vulnerable before v.25.0.47 and 6.8.136 allows a remote... High Unreviewed
CVE-2025-63406 was published Nov 13, 2025
A command injection vulnerability exists in the TOTOLINK A950RG Router firmware V5.9c... Moderate Unreviewed
CVE-2025-60702 was published Nov 13, 2025
A command injection vulnerability exists in the D-Link DIR-823G router firmware DIR823G_V1.0... Moderate Unreviewed
CVE-2025-60671 was published Nov 13, 2025
Improper neutralization of special elements used in a command ('command injection') in Visual... High Unreviewed
CVE-2025-62222 was published Nov 11, 2025
A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1_FW102B02... High Unreviewed
CVE-2025-60697 was published Nov 13, 2025
A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1_FW102B02... High Unreviewed
CVE-2025-60698 was published Nov 13, 2025
An unauthenticated command injection vulnerability exists in the Start_EPI function of the httpd... Moderate Unreviewed
CVE-2025-60689 was published Nov 13, 2025
An unauthenticated command injection vulnerability exists in the ToToLink LR1200GB Router... Moderate Unreviewed
CVE-2025-60687 was published Nov 13, 2025
A command injection vulnerability exists in the ToToLink A720R Router firmware V4.1.5cu... Moderate Unreviewed
CVE-2025-60683 was published Nov 13, 2025
A command injection vulnerability exists in the ToToLink A720R Router firmware V4.1.5cu... Moderate Unreviewed
CVE-2025-60682 was published Nov 13, 2025
An issue in Agnitum Outpost Security Suite 7.5.3 (3942.608.1810) and 7.6 (3984.693.1842) allows a... High Unreviewed
CVE-2024-57695 was published Nov 11, 2025
KERUI K259 5MP Wi-Fi / Tuya Smart Security Camera firmware v33.53.87 contains a code execution... Moderate Unreviewed
CVE-2025-63296 was published Nov 10, 2025
Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Neutralization... High Unreviewed
CVE-2025-46428 was published Nov 12, 2025
Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Neutralization of... High Unreviewed
CVE-2025-46427 was published Nov 12, 2025
Improper neutralization of special elements used in a command ('command injection') in Visual... Moderate Unreviewed
CVE-2025-62214 was published Nov 11, 2025
Zohocorp ManageEngine Applications Manager versions 178100 and below are vulnerable to... High Unreviewed
CVE-2025-9223 was published Nov 11, 2025
A Command Injection vulnerability, resulting from improper file path sanitization (Directory... High Unreviewed
CVE-2025-12155 was published Nov 10, 2025
Magento is affected by an os command injection via the Data collection endpoint High
CVE-2021-36024 was published for magento/community-edition (Composer) May 24, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database