GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
1,094 advisories
The Post By Email plugin for WordPress is vulnerable to arbitrary file uploads due to missing...
Critical
Unreviewed
CVE-2025-9762 was published Sep 30, 2025
An OS command injection vulnerability in user interface in Western Digital My Cloud firmware...
Critical
Unreviewed
CVE-2025-30247 was published Sep 29, 2025
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')...
Critical
Unreviewed
CVE-2025-11005 was published Sep 25, 2025
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')...
Critical
Unreviewed
CVE-2025-52906 was published Sep 24, 2025
An issue in Datart v.1.0.0-rc.3 allows a remote attacker to execute arbitrary code via the INIT...
Critical
Unreviewed
CVE-2025-56819 was published Sep 24, 2025
Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')...
Critical
Unreviewed
CVE-2025-9588 was published Sep 23, 2025
CWP (aka Control Web Panel or CentOS Web Panel) before 0.9.8.1205 allows unauthenticated remote...
Critical
Unreviewed
CVE-2025-48703 was published Sep 22, 2025
NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python...
Critical
Unreviewed
CVE-2025-23316 was published Sep 18, 2025
The N-Reporter, N-Cloud, and N-Probe developed by N-Partner has an OS Command Injection...
Critical
Unreviewed
CVE-2025-9972 was published Sep 17, 2025
Ilevia EVE X1/X5 Server version ≤ 4.7.18.0.eden contains a misconfiguration in the sudoers file...
Critical
Unreviewed
CVE-2025-34187 was published Sep 16, 2025
Ilevia EVE X1 Server version ≤ 4.7.18.0.eden contains an unauthenticated OS command injection...
Critical
Unreviewed
CVE-2025-34184 was published Sep 16, 2025
Ilevia EVE X1/X5 Server version ≤ 4.7.18.0.eden contains a vulnerability in its authentication...
Critical
Unreviewed
CVE-2025-34186 was published Sep 16, 2025
Certain models of NVR developed by Digiever has an OS Command Injection vulnerability, allowing...
Critical
Unreviewed
CVE-2025-10265 was published Sep 12, 2025
TRENDnet TV-IP410 vA1.0R was discovered to contain an OS command injection vulnerability via the ...
Critical
Unreviewed
CVE-2024-46484 was published Aug 29, 2025
D-Link DIR-868L B1 router firmware version FW2.05WWB02 contains an unauthenticated OS command...
Critical
Unreviewed
CVE-2025-55583 was published Aug 28, 2025
AnyShare contains a critical unauthenticated remote code execution vulnerability in the...
Critical
Unreviewed
CVE-2025-34160 was published Aug 28, 2025
A command injection vulnerability in Dahua EIMS versions prior to 2240008 allows unauthenticated...
Critical
Unreviewed
CVE-2024-13985 was published Aug 28, 2025
Multiple D-Link DIR-series routers, including DIR-110, DIR-412, DIR-600, DIR-610, DIR-615, DIR...
Critical
Unreviewed
CVE-2018-25115 was published Aug 28, 2025
Coolify versions prior to v4.0.0-beta.420.7 are vulnerable to a remote code execution...
Critical
Unreviewed
CVE-2025-34161 was published Aug 27, 2025
A remote unauthenticated attacker who has bypassed authentication could execute arbitrary OS...
Critical
Unreviewed
CVE-2025-3128 was published Aug 21, 2025
FreeNAS 0.7.2 prior to revision 5543 includes an unauthenticated command‐execution backdoor in...
Critical
Unreviewed
CVE-2010-20059 was published Aug 20, 2025
Improper Input Validation vulnerability in N-able N-central allows OS Command Injection. This...
Critical
Unreviewed
CVE-2025-8876 was published Aug 14, 2025
An issue was discovered on KuWFi GC111 devices (Hardware Version: CPE-LM321_V3.2, Software...
Critical
Unreviewed
CVE-2025-43984 was published Aug 14, 2025
Dolibarr ERP/CRM versions <= 3.1.1 and <= 3.2.0 contain a post-authenticated OS command injection...
Critical
Unreviewed
CVE-2012-10059 was published Aug 13, 2025
ProTip! Advisories are also available from the GraphQL API