Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,680
Maven
5,000+
npm
4,308
NuGet
760
pip
4,080
Pub
12
RubyGems
958
Rust
1,061
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

597 advisories

Loading
An issue in Blurams Lumi Security Camera (A31C) v23.1227.472.2926 allows local physical attackers... Moderate Unreviewed
CVE-2025-63674 was published Nov 25, 2025
A vulnerability was identified in D-Link DIR-852 1.00. This issue affects some unknown processing... Moderate Unreviewed
CVE-2025-13562 was published Nov 23, 2025
The read function in file thinkphp\library\think\template\driver\File.php in ThinkPHP 5.0.24... Moderate Unreviewed
CVE-2025-63888 was published Nov 20, 2025
A vulnerability in the command line interface of affected devices could allow an authenticated... Moderate Unreviewed
CVE-2025-37162 was published Nov 18, 2025
pnetlab 5.3.11 is vulnerable to Command Injection via the qemu_options parameter. Moderate Unreviewed
CVE-2025-63749 was published Nov 18, 2025
A remote command execution (RCE) vulnerability was discovered in all H3C ERG3/ERG5 series routers... Moderate Unreviewed
CVE-2025-63258 was published Nov 18, 2025
A code injection vulnerability exists in baryhuang/mcp-server-aws-resources-python 0.1.0 that... Moderate Unreviewed
CVE-2025-63604 was published Nov 18, 2025
A command injection vulnerability exists in the MCP Data Science Server's (reading-plus-ai/mcp... Moderate Unreviewed
CVE-2025-63603 was published Nov 18, 2025
A command injection vulnerability exists in the TOTOLINK A950RG Router firmware V5.9c... Moderate Unreviewed
CVE-2025-60702 was published Nov 13, 2025
An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware... Moderate Unreviewed
CVE-2025-60672 was published Nov 13, 2025
An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware... Moderate Unreviewed
CVE-2025-60676 was published Nov 13, 2025
An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware... Moderate Unreviewed
CVE-2025-60673 was published Nov 13, 2025
A command injection vulnerability exists in the D-Link DIR-823G router firmware DIR823G_V1.0... Moderate Unreviewed
CVE-2025-60675 was published Nov 13, 2025
A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1_FW102B02... Moderate Unreviewed
CVE-2025-60701 was published Nov 13, 2025
A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1_FW102B02... Moderate Unreviewed
CVE-2025-60700 was published Nov 13, 2025
An unauthenticated command injection vulnerability exists in the Start_EPI function of the httpd... Moderate Unreviewed
CVE-2025-60689 was published Nov 13, 2025
A command injection vulnerability exists in the D-Link DIR-823G router firmware DIR823G_V1.0... Moderate Unreviewed
CVE-2025-60671 was published Nov 13, 2025
An unauthenticated command injection vulnerability exists in the ToToLink LR1200GB Router... Moderate Unreviewed
CVE-2025-60687 was published Nov 13, 2025
A command injection vulnerability exists in the ToToLink A720R Router firmware V4.1.5cu... Moderate Unreviewed
CVE-2025-60683 was published Nov 13, 2025
A command injection vulnerability exists in the ToToLink A720R Router firmware V4.1.5cu... Moderate Unreviewed
CVE-2025-60682 was published Nov 13, 2025
Improper neutralization of special elements used in a command ('command injection') in Visual... Moderate Unreviewed
CVE-2025-62214 was published Nov 11, 2025
KERUI K259 5MP Wi-Fi / Tuya Smart Security Camera firmware v33.53.87 contains a code execution... Moderate Unreviewed
CVE-2025-63296 was published Nov 10, 2025
Dell CloudLink, versions prior 8.1.1, contain a Command Injection vulnerability which can be... Moderate Unreviewed
CVE-2025-46365 was published Nov 5, 2025
An issue in NetSurf v.3.11 allows a remote attacker to execute arbitrary code via the... Moderate Unreviewed
CVE-2024-51317 was published Nov 3, 2025
A local privilege escalation vulnerability in the WatchGuard Mobile VPN with SSL client on... Moderate Unreviewed
CVE-2025-1549 was published Oct 29, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database