GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
1,287 advisories
TOTOLINK A950RG V4.1.2cu.5161_B20200903 was found to contain a pre-auth remote command execution...
Critical | Unreviewed | CVE-2025-28036 was published Apr 22, 2025
TOTOLINK EX1200T V4.1.2cu.5232_B20210713 was found to contain a pre-auth remote command execution...
Critical | Unreviewed | CVE-2025-28038 was published Apr 22, 2025
TOTOLINK EX1200T V4.1.2cu.5232_B20210713 was found to contain a pre-auth remote command execution...
Critical | Unreviewed | CVE-2025-28039 was published Apr 22, 2025
TOTOLINK A810R V4.1.2cu.5182_B20201026 and A950RG V4.1.2cu.5161_B20200903 were found to contain a...
Critical | Unreviewed | CVE-2025-28037 was published Apr 22, 2025
TOTOLINK A800R V4.1.2cu.5137_B20200730, A810R V4.1.2cu.5182_B20201026, A830R V4.1.2cu...
Critical | Unreviewed | CVE-2025-28034 was published Apr 22, 2025
An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the...
Critical | Unreviewed | CVE-2025-29043 was published Apr 17, 2025
An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the...
Critical | Unreviewed | CVE-2025-29042 was published Apr 17, 2025
An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the...
Critical | Unreviewed | CVE-2025-29041 was published Apr 17, 2025
An issue in dlink DIR 832x 240802 allows a remote attacker to execute arbitrary code via the...
Critical | Unreviewed | CVE-2025-29040 was published Apr 17, 2025
The TOTOLINK A810R V4.1.2cu.5182_B20201026 was found to contain a pre-auth remote command...
Critical | Unreviewed | CVE-2025-28137 was published Apr 15, 2025
OS command injection vulnerability in the specific service exists in Wi-Fi AP UNIT 'AC-WPS-11ac...
Critical | Unreviewed | CVE-2025-27797 was published Apr 9, 2025
A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web...
Critical | Unreviewed | CVE-2024-41790 was published Apr 8, 2025
A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web...
Critical | Unreviewed | CVE-2024-41788 was published Apr 8, 2025
A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web...
Critical | Unreviewed | CVE-2024-41789 was published Apr 8, 2025
The web service of iSherlock from HGiga has an OS Command Injection vulnerability, allowing...
Critical | Unreviewed | CVE-2025-3362 was published Apr 8, 2025
The web service of iSherlock from HGiga has an OS Command Injection vulnerability, allowing...
Critical | Unreviewed | CVE-2025-3363 was published Apr 8, 2025
The web service of iSherlock from HGiga has an OS Command Injection vulnerability, allowing...
Critical | Unreviewed | CVE-2025-3361 was published Apr 8, 2025
An OS command injection vulnerability in lib/NSSDropoff.php in ZendTo 5.24-3 through 6.x before 6...
Critical | Unreviewed | CVE-2021-47667 was published Apr 5, 2025
Netwrix Password Secure 9.2.0.32454 allows OS command injection.
Critical | Unreviewed | CVE-2025-26817 was published Apr 3, 2025
A remote attacker with web administrator privileges can exploit the device’s web interface to...
Critical | Unreviewed | CVE-2025-0415 was published Apr 2, 2025
Xorcom CompletePBX is vulnerable to command injection in the administrator Task Scheduler...
Critical | Unreviewed | CVE-2025-30004 was published Mar 31, 2025
OS command injection vulnerability in e-solutions e-management. This vulnerability allows an...
Critical | Unreviewed | CVE-2025-3022 was published Mar 31, 2025
A critical OS Command Injection vulnerability has been identified in the FAST LTA Silent Brick...
Critical | Unreviewed | CVE-2025-2071 was published Mar 31, 2025
TOTOLINK A3002R V4.0.0-B20230531.1404 is vulnerable to Command Injection in /bin/boa via bandstr.
Critical | Unreviewed | CVE-2025-25579 was published Mar 29, 2025
An issue in TOTOLINK A3100R V4.1.2cu.5247_B20211129 allows a remote attacker to execute arbitrary...
Critical | Unreviewed | CVE-2025-28256 was published Mar 28, 2025
ProTip! Advisories are also available from the GraphQL API.