Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,383
Erlang
33
GitHub Actions
22
Go
2,141
Maven
5,000+
npm
3,803
NuGet
687
pip
3,479
Pub
12
RubyGems
897
Rust
898
Swift
38
Unreviewed advisories
All unreviewed
5,000+

2,472 advisories

Loading
Matrix IRC Bridge allows IRC command injection to own puppeted user Low
CVE-2025-27146 was published for matrix-appservice-irc (npm) Feb 25, 2025
A vulnerability classified as critical was found in hzmanyun Education and Training System 3.1.1.... Moderate Unreviewed
CVE-2025-1676 was published Feb 25, 2025
A vulnerability, which was classified as critical, has been found in FiberHome AN5506-01A ONU... Moderate Unreviewed
CVE-2025-1616 was published Feb 24, 2025
A vulnerability has been found in LB-LINK AC1900 Router 1.0.2 and classified as critical.... Moderate Unreviewed
CVE-2025-1609 was published Feb 24, 2025
A vulnerability was found in LB-LINK AC1900 Router 1.0.2 and classified as critical. Affected by... Moderate Unreviewed
CVE-2025-1610 was published Feb 24, 2025
A vulnerability, which was classified as critical, was found in LB-LINK AC1900 Router 1.0.2.... Moderate Unreviewed
CVE-2025-1608 was published Feb 24, 2025
Totolink X5000R V9.1.0u.6369_B20230113 is vulnerable to command injection via the vif_disable... Moderate Unreviewed
CVE-2025-25604 was published Feb 21, 2025
Totolink X5000R V9.1.0u.6369_B20230113 is vulnerable to command injection via the... Moderate Unreviewed
CVE-2025-25605 was published Feb 21, 2025
A vulnerability has been found in BDCOM Behavior Management and Auditing System up to 20250210... Moderate Unreviewed
CVE-2025-1546 was published Feb 21, 2025
A vulnerability was found in Raisecom Multi-Service Intelligent Gateway up to 20250208. It has... Moderate Unreviewed
CVE-2025-1536 was published Feb 21, 2025
TOTOLink outdoor CPE CP900 V6.3c.566_B20171026 is discovered to contain a command injection... Critical Unreviewed
CVE-2022-28495 was published Mar 24, 2023
DocsGPT Allows Remote Code Execution Critical
CVE-2025-0868 was published for docsgpt (npm) Feb 20, 2025
D-Link DIR-853 A1 FW1.20B07 was discovered to contain a command injection vulnerability in the... High Unreviewed
CVE-2025-25743 was published Feb 12, 2025
github-slug-action vulnerable to arbitrary code execution High
CVE-2023-27581 was published for rlespinasse/github-slug-action (GitHub Actions) Mar 13, 2023
R3x rlespinasse
Honeywell OneWireless Wireless Device Manager (WDM) for the following versions R310.x, R320.x,... Critical Unreviewed
CVE-2023-5878 was published Feb 6, 2025
A critical vulnerability has been discovered in Privileged Remote Access (PRA) and Remote Support... Critical Unreviewed
CVE-2024-12356 was published Dec 17, 2024
A vulnerability classified as critical was found in MicroWord eScan Antivirus 7.0.32 on Linux.... Low Unreviewed
CVE-2025-1369 was published Feb 17, 2025
A vulnerability, which was classified as critical, has been found in MicroWorld eScan Antivirus 7... Moderate Unreviewed
CVE-2025-1370 was published Feb 17, 2025
A vulnerability was found in TOTOLINK X18 9.1.0cu.2024_B20220329. It has been rated as critical.... Moderate Unreviewed
CVE-2025-1339 was published Feb 16, 2025
Implementation of the Simple Network Management Protocol (SNMP) operating on the Brocade 6547 ... High Unreviewed
CVE-2024-5461 was published Feb 15, 2025
The vulnerability may allow a remote low priviledged attacker to run arbitrary shell commands by... High Unreviewed
CVE-2025-0593 was published Feb 14, 2025
A critical remote code execution (RCE) vulnerability exists in the web-based management interface... High Unreviewed
CVE-2025-22962 was published Feb 14, 2025
Network access can be used to execute arbitrary code with elevated privileges. This issue... Critical Unreviewed
CVE-2024-48841 was published Jan 27, 2025
Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability... Critical Unreviewed
CVE-2025-22630 was published Feb 14, 2025
An attacker may inject commands via specially-crafted post requests. High Unreviewed
CVE-2025-24861 was published Feb 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database