Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,656
Maven
5,000+
npm
4,284
NuGet
760
pip
4,069
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,018 advisories

Loading
pnetlab 5.3.11 is vulnerable to Command Injection via the qemu_options parameter. Moderate Unreviewed
CVE-2025-63749 was published Nov 18, 2025
A vulnerability in the command line interface of affected devices could allow an authenticated... Moderate Unreviewed
CVE-2025-37162 was published Nov 18, 2025
A remote command execution (RCE) vulnerability was discovered in all H3C ERG3/ERG5 series routers... Moderate Unreviewed
CVE-2025-63258 was published Nov 18, 2025
A code injection vulnerability exists in baryhuang/mcp-server-aws-resources-python 0.1.0 that... Moderate Unreviewed
CVE-2025-63604 was published Nov 18, 2025
A command injection vulnerability exists in the MCP Data Science Server's (reading-plus-ai/mcp... Moderate Unreviewed
CVE-2025-63603 was published Nov 18, 2025
GitLab has remediated an issue in GitLab EE affecting all versions from 17.8 before 18.3.6, 18.4... Low Unreviewed
CVE-2025-6945 was published Nov 15, 2025
An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware... Moderate Unreviewed
CVE-2025-60672 was published Nov 13, 2025
An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware... Moderate Unreviewed
CVE-2025-60673 was published Nov 13, 2025
A command injection vulnerability exists in the D-Link DIR-823G router firmware DIR823G_V1.0... Moderate Unreviewed
CVE-2025-60675 was published Nov 13, 2025
An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware... Moderate Unreviewed
CVE-2025-60676 was published Nov 13, 2025
A command injection vulnerability exists in the TOTOLINK A950RG Router firmware V5.9c... Moderate Unreviewed
CVE-2025-60702 was published Nov 13, 2025
An issue in Intermesh BV GroupOffice vulnerable before v.25.0.47 and 6.8.136 allows a remote... High Unreviewed
CVE-2025-63406 was published Nov 13, 2025
A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1_FW102B02... Moderate Unreviewed
CVE-2025-60700 was published Nov 13, 2025
A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1_FW102B02... Moderate Unreviewed
CVE-2025-60701 was published Nov 13, 2025
A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1_FW102B02... High Unreviewed
CVE-2025-60697 was published Nov 13, 2025
A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1_FW102B02... High Unreviewed
CVE-2025-60698 was published Nov 13, 2025
A command injection vulnerability exists in the D-Link DIR-823G router firmware DIR823G_V1.0... Moderate Unreviewed
CVE-2025-60671 was published Nov 13, 2025
An unauthenticated command injection vulnerability exists in the Start_EPI function of the httpd... Moderate Unreviewed
CVE-2025-60689 was published Nov 13, 2025
An unauthenticated command injection vulnerability exists in the ToToLink LR1200GB Router... Moderate Unreviewed
CVE-2025-60687 was published Nov 13, 2025
A command injection vulnerability exists in the ToToLink A720R Router firmware V4.1.5cu... Moderate Unreviewed
CVE-2025-60682 was published Nov 13, 2025
A command injection vulnerability exists in the ToToLink A720R Router firmware V4.1.5cu... Moderate Unreviewed
CVE-2025-60683 was published Nov 13, 2025
Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Neutralization of... High Unreviewed
CVE-2025-46427 was published Nov 12, 2025
Dell SmartFabric OS10 Software, versions prior to 10.6.1.0, contain an Improper Neutralization... High Unreviewed
CVE-2025-46428 was published Nov 12, 2025
Improper neutralization of special elements used in a command ('command injection') in Visual... High Unreviewed
CVE-2025-62222 was published Nov 11, 2025
Improper neutralization of special elements used in a command ('command injection') in Visual... Moderate Unreviewed
CVE-2025-62214 was published Nov 11, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database