GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,179
Composer 4,891
Erlang 37
GitHub Actions 38
Go 2,549
Maven 6,013
npm 4,221
NuGet 745
pip 3,998
Pub 12
RubyGems 953
Rust 1,038
Swift 45

Unreviewed advisories

All unreviewed 272,936

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,050 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F... Critical Unreviewed

CVE-2025-60965 was published Oct 6, 2025

OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F... Critical Unreviewed

CVE-2025-60964 was published Oct 6, 2025

OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F... Critical Unreviewed

CVE-2025-60957 was published Oct 6, 2025

Operating system command injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability... Critical Unreviewed

CVE-2025-59735 was published Oct 2, 2025

Operating system command injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability... Critical Unreviewed

CVE-2025-59737 was published Oct 2, 2025

Operating system command injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability... Critical Unreviewed

CVE-2025-59741 was published Oct 2, 2025

Operating system command injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability... Critical Unreviewed

CVE-2025-59736 was published Oct 2, 2025

Operating system command injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability... Critical Unreviewed

CVE-2025-59740 was published Oct 2, 2025

Operating system command injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability... Critical Unreviewed

CVE-2025-59739 was published Oct 2, 2025

Operating system command injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability... Critical Unreviewed

CVE-2025-59738 was published Oct 2, 2025

An authenticated command injection vulnerability exists in Pi-hole versions up to 3.3. When... Critical Unreviewed

CVE-2025-34087 was published Jul 3, 2025

Loomio version 2.22.0 allows executing arbitrary commands on the server. This is possible... Critical Unreviewed

CVE-2024-1297 was published Feb 20, 2024

The Telenium Online Web Application is vulnerable due to a PHP endpoint accessible to... Critical Unreviewed

CVE-2025-10659 was published Sep 30, 2025

The Post By Email plugin for WordPress is vulnerable to arbitrary file uploads due to missing... Critical Unreviewed

CVE-2025-9762 was published Sep 30, 2025

An OS command injection vulnerability in user interface in Western Digital My Cloud firmware... Critical Unreviewed

CVE-2025-30247 was published Sep 29, 2025

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... Critical Unreviewed

CVE-2025-11005 was published Sep 25, 2025

NETGEAR DGN1000 before 1.1.00.48 is vulnerable to an authentication bypass vulnerability. A... Critical Unreviewed

CVE-2024-12847 was published Jan 10, 2025

Ilevia EVE X1/X5 Server version ≤ 4.7.18.0.eden contains a misconfiguration in the sudoers file... Critical Unreviewed

CVE-2025-34187 was published Sep 16, 2025

An issue in Datart v.1.0.0-rc.3 allows a remote attacker to execute arbitrary code via the INIT... Critical Unreviewed

CVE-2025-56819 was published Sep 24, 2025

An OS command injection vulnerability has been reported to affect several product versions. If... Critical Unreviewed

CVE-2024-48860 was published Nov 22, 2024

Multiple D-Link DIR-series routers, including DIR-110, DIR-412, DIR-600, DIR-610, DIR-615, DIR... Critical Unreviewed

CVE-2018-25115 was published Aug 28, 2025

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... Critical Unreviewed

CVE-2025-52906 was published Sep 24, 2025

Ilevia EVE X1 Server version ≤ 4.7.18.0.eden contains an unauthenticated OS command injection... Critical Unreviewed

CVE-2025-34184 was published Sep 16, 2025

Ilevia EVE X1/X5 Server version ≤ 4.7.18.0.eden contains a vulnerability in its authentication... Critical Unreviewed

CVE-2025-34186 was published Sep 16, 2025

Spreecommerce versions prior to 0.50.x contain a remote command execution vulnerability in the... Critical Unreviewed

CVE-2011-10026 was published Aug 20, 2025

Previous1…42 Next

Previous 1 2 3 4 5 … 41 42 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,050 advisories