Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,701
Maven
5,000+
npm
4,328
NuGet
761
pip
4,103
Pub
12
RubyGems
958
Rust
1,064
Swift
45
Unreviewed advisories
All unreviewed
5,000+

552 advisories

Loading
Loaded Commerce 6.6 contains a client-side template injection vulnerability that allows... Moderate Unreviewed
CVE-2025-66572 was published Dec 4, 2025
A command injection vulnerability exists in the AOS-CX Operating System. Successful exploitation... Moderate Unreviewed
CVE-2025-37157 was published Nov 18, 2025
A command injection vulnerability exists in the AOS-CX Operating System. Successful exploitation... Moderate Unreviewed
CVE-2025-37158 was published Nov 18, 2025
Local Agent DVR versions thru 6.6.1.0 are vulnerable to directory traversal that allows an... Moderate Unreviewed
CVE-2025-63408 was published Nov 18, 2025
CWE-78 Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Moderate Unreviewed
CVE-2025-55055 was published Nov 17, 2025
MyScreenTools v2.2.1.0 contains a critical OS command injection vulnerability in the GIF... Moderate Unreviewed
CVE-2025-63916 was published Nov 17, 2025
A vulnerability in the REST API of Cisco Catalyst Center could allow an authenticated, remote... Moderate Unreviewed
CVE-2025-20349 was published Nov 13, 2025
pgAdmin 4 has command injection vulnerability on Windows systems Moderate
CVE-2025-12763 was published for pgadmin4 (pip) Nov 13, 2025
Due to an OS Command Injection vulnerability in SAP Business Connector, an authenticated attacker... Moderate Unreviewed
CVE-2025-42892 was published Nov 11, 2025
Apache Airflow has a command injection vulnerability in "example_dag_decorator" Moderate
CVE-2025-54941 was published for apache-airflow (pip) Oct 30, 2025
FastMCP vulnerable to windows command injection in FastMCP Cursor installer via server_name Moderate
CVE-2025-62801 was published for fastmcp (pip) Oct 29, 2025
nil340
Credited to nil340
A security vulnerability has been detected in D-Link DAP-2695 2.00RC13. The impacted element is... Moderate Unreviewed
CVE-2025-12296 was published Oct 27, 2025
When a user attempts to initialize the rSeries FIPS module using a password with special shell... Moderate Unreviewed
CVE-2025-60013 was published Oct 15, 2025
A vulnerability was detected in D-Link DAP-2695 2.00RC131. This affects the function... Moderate Unreviewed
CVE-2025-11665 was published Oct 13, 2025
Multiple instances of an Improper Neutralization of Special Elements used in an OS Command ('OS... Moderate Unreviewed
CVE-2025-60006 was published Oct 9, 2025
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release... Moderate Unreviewed
CVE-2025-36566 was published Oct 7, 2025
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release... Moderate Unreviewed
CVE-2025-36567 was published Oct 7, 2025
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release... Moderate Unreviewed
CVE-2025-36569 was published Oct 7, 2025
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release... Moderate Unreviewed
CVE-2025-43908 was published Oct 7, 2025
A weakness has been identified in D-Link DI-7001 MINI 24.04.18B1. Impacted is an unknown function... Moderate Unreviewed
CVE-2025-11407 was published Oct 7, 2025
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release... Moderate Unreviewed
CVE-2025-43906 was published Oct 7, 2025
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release... Moderate Unreviewed
CVE-2025-43911 was published Oct 7, 2025
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release... Moderate Unreviewed
CVE-2025-43890 was published Oct 7, 2025
A command injection vulnerability has been reported to affect several QNAP operating system... Moderate Unreviewed
CVE-2025-47212 was published Oct 3, 2025
A weakness has been identified in D-Link DIR-816L 206b01. Affected by this issue is the function... Moderate Unreviewed
CVE-2025-9727 was published Oct 1, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database