Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,154
NuGet
736
pip
3,953
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

2,903 advisories

Loading
A deserialization vulnerability in the License Servlet of Fortra's GoAnywhere MFT allows an actor... Critical Unreviewed
CVE-2025-10035 was published Sep 19, 2025
An issue Clip Bucket v.5.5.2 Build#90 allows a remote attacker to execute arbitrary codes via the... Moderate Unreviewed
CVE-2025-55911 was published Sep 18, 2025
The cbis_manager Podman container is vulnerable to remote command execution via the /api/plugins... High Unreviewed
CVE-2023-49565 was published Sep 18, 2025
@sequa-ai/sequa-mcp has Command Injection vulnerability Low
CVE-2025-10619 was published for @sequa-ai/sequa-mcp (npm) Sep 17, 2025
In JetBrains Junie before 252.284.66, 251.284.66, 243.284.66, 252.284.61, 251.284.61, 243.284.61,... High Unreviewed
CVE-2025-59458 was published Sep 17, 2025
Edimax BR-6473AX v1.0.28 was discovered to contain a remote code execution (RCE) vulnerability... High Unreviewed
CVE-2025-56706 was published Sep 16, 2025
TOTOLINK X6000R V9.4.0cu.1360_B20241207 was found to contain a command injection vulnerability in... Critical Unreviewed
CVE-2025-52053 was published Sep 15, 2025
mcp-kubernetes-server has a Command Injection vulnerability Low
CVE-2025-59376 was published for mcp-kubernetes-server (pip) Sep 15, 2025
A vulnerability was found in D-Link DI-8100G, DI-8200G and DI-8003G 17.12.20A1/19.12.10A1.... Moderate Unreviewed
CVE-2025-10441 was published Sep 15, 2025
A vulnerability was determined in Tenda AC9 and AC15 15.03.05.14. This affects the function... Moderate Unreviewed
CVE-2025-10442 was published Sep 15, 2025
A vulnerability has been found in D-Link DI-8100, DI-8100G, DI-8200, DI-8200G, DI-8003 and DI... Moderate Unreviewed
CVE-2025-10440 was published Sep 15, 2025
A vulnerability was detected in Wavlink WL-WN578W2 221110. This impacts the function sub_404DBC... Moderate Unreviewed
CVE-2025-10359 was published Sep 13, 2025
A security vulnerability has been detected in Wavlink WL-WN578W2 221110. This affects the... Moderate Unreviewed
CVE-2025-10358 was published Sep 13, 2025
A security vulnerability has been detected in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by... Moderate Unreviewed
CVE-2025-10328 was published Sep 13, 2025
A weakness has been identified in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected by this... Moderate Unreviewed
CVE-2025-10327 was published Sep 12, 2025
A security flaw has been discovered in MiczFlor RPi-Jukebox-RFID up to 2.8.0. Affected is an... Moderate Unreviewed
CVE-2025-10326 was published Sep 12, 2025
The Evertz SDVN 3080ipx-10G is a High Bandwidth Ethernet Switching Fabric for Video Application.... Critical Unreviewed
CVE-2025-10364 was published Sep 12, 2025
Zabbix Agent 2 smartctl plugin does not properly sanitize smart.disk.get parameters, allowing an... Moderate Unreviewed
CVE-2025-27233 was published Sep 12, 2025
Ai command injection in Agentic AI and Visual Studio Code allows an unauthorized attacker to... High Unreviewed
CVE-2025-55319 was published Sep 12, 2025
An arbitrary file upload vulnerability in Beakon Application before v5.4.3 allows attackers to... Moderate Unreviewed
CVE-2025-55372 was published Sep 11, 2025
interactive-git-checkout has a Command Injection vulnerability Critical
CVE-2025-59046 was published for interactive-git-checkout (npm) Sep 10, 2025
lirantal
An issue was discovered in mcp-neo4j 0.3.0 allowing attackers to gain sensitive information or... High Unreviewed
CVE-2025-56406 was published Sep 10, 2025
A command injection vulnerability in FTP-Flask-python through 5173b68 allows unauthenticated... Critical Unreviewed
CVE-2025-57633 was published Sep 9, 2025
Improper neutralization of special elements used in a command ('command injection') in SQL Server... High Unreviewed
CVE-2025-55227 was published Sep 9, 2025
A security issue exists within FactoryTalk Optix MQTT broker due to the lack of URI sanitization.... High Unreviewed
CVE-2025-9161 was published Sep 9, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database