Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,785
Erlang
36
GitHub Actions
29
Go
2,358
Maven
5,000+
npm
3,979
NuGet
720
pip
3,777
Pub
12
RubyGems
924
Rust
981
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

719 advisories

Loading
A SQLi vulnerability exists in Delta Electronics DIAEnergie v1.10.1.8610 and prior when CEBC.exe... Critical Unreviewed
CVE-2024-4547 was published May 6, 2024
An SQLi vulnerability exists in Delta Electronics DIAEnergie v1.10.1.8610 and prior when CEBC.exe... Critical Unreviewed
CVE-2024-4548 was published May 6, 2024
An OS command injection vulnerability exists in various models of E-Series Linksys routers via... Critical Unreviewed
CVE-2025-34037 was published Jun 26, 2025
An OS command injection vulnerability exists in white-labeled DVRs manufactured by TVT, affecting... Critical Unreviewed
CVE-2025-34036 was published Jun 26, 2025
An OS command injection vulnerability exists in EnGenius EnShare Cloud Service version 1.4.11 and... Critical Unreviewed
CVE-2025-34035 was published Jun 26, 2025
An OS command injection vulnerability exists in the OptiLink ONT1GEW GPON router firmware version... Critical Unreviewed
CVE-2025-34049 was published Jun 26, 2025
A remote command injection vulnerability exists in Vacron Network Video Recorder (NVR) devices v1... Critical Unreviewed
CVE-2025-34043 was published Jun 26, 2025
An authenticated command injection vulnerability exists in the Beward N100 IP Camera firmware... Critical Unreviewed
CVE-2025-34042 was published Jun 26, 2025
A remote command injection vulnerability exists in the confirm.php interface of the WIFISKY 7... Critical Unreviewed
CVE-2025-34044 was published Jun 26, 2025
An OS command injection vulnerability exists in sar2html version 3.2.2 and prior via the plot... Critical Unreviewed
CVE-2025-34030 was published Jun 20, 2025
An OS command injection vulnerability exists in the Edimax EW-7438RPn firmware version 1.13 and... Critical Unreviewed
CVE-2025-34024 was published Jun 20, 2025
An OS command injection vulnerability exists in MiniDVBLinux version 5.4 and earlier. The system... Critical Unreviewed
CVE-2025-25038 was published Jun 20, 2025
An issue in dom96 HTTPbeast v.0.4.1 and before allows a remote attacker to execute arbitrary code... Critical Unreviewed
CVE-2023-50694 was published Jan 19, 2024
A cross-site scripting (XSS) vulnerability in netis-systems MEX605 v2.00.06 allows attackers to... Critical Unreviewed
CVE-2024-33792 was published May 3, 2024
Improper input validation in the OSSEC HIDS agent for Windows prior to version 3.8.0 allows an... Critical Unreviewed
CVE-2024-1244 was published Jun 11, 2025
An improper input validation discovered in Avaya Call Management System could allow an... Critical Unreviewed
CVE-2025-1041 was published Jun 10, 2025
Microsoft Outlook Remote Code Execution Vulnerability Critical Unreviewed
CVE-2024-21413 was published Feb 13, 2024
U-Boot vulnerability resulting in persistent Code Execution  Critical Unreviewed
CVE-2023-48425 was published Dec 11, 2023
Cryptographic vulnerability in Iridium Certus 700. This vulnerability allows a user to retrieve... Critical Unreviewed
CVE-2025-41377 was published May 23, 2025
libpng before 1.6.32 does not properly check the length of chunks against the user limit. Critical Unreviewed
CVE-2017-12652 was published May 24, 2022
The 1E-Exchange-DisplayMessageinstruction that is part of the End-User Interaction product pack... Critical Unreviewed
CVE-2023-5964 was published Nov 6, 2023
The 1E-Exchange-URLResponseTime instruction that is part of the Network product pack available on... Critical Unreviewed
CVE-2023-45161 was published Nov 6, 2023
The 1E-Exchange-CommandLinePing instruction that is part of the Network product pack available on... Critical Unreviewed
CVE-2023-45163 was published Nov 6, 2023
ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Improper Input... Critical Unreviewed
CVE-2025-43560 was published May 13, 2025
ColdFusion versions 2025.1, 2023.13, 2021.19 and earlier are affected by an Improper Input... Critical Unreviewed
CVE-2025-43559 was published May 13, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database