GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,109
Composer 4,884
Erlang 37
GitHub Actions 38
Go 2,546
Maven 5,998
npm 4,207
NuGet 743
pip 3,979
Pub 12
RubyGems 947
Rust 1,034
Swift 45

Unreviewed advisories

All unreviewed 272,386

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

1,050 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F... Critical Unreviewed

CVE-2025-60964 was published Oct 6, 2025

OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F... Critical Unreviewed

CVE-2025-60965 was published Oct 6, 2025

OS Command Injection vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F... Critical Unreviewed

CVE-2025-60957 was published Oct 6, 2025

Operating system command injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability... Critical Unreviewed

CVE-2025-59740 was published Oct 2, 2025

Operating system command injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability... Critical Unreviewed

CVE-2025-59741 was published Oct 2, 2025

Operating system command injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability... Critical Unreviewed

CVE-2025-59738 was published Oct 2, 2025

Operating system command injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability... Critical Unreviewed

CVE-2025-59739 was published Oct 2, 2025

Operating system command injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability... Critical Unreviewed

CVE-2025-59736 was published Oct 2, 2025

Operating system command injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability... Critical Unreviewed

CVE-2025-59737 was published Oct 2, 2025

Operating system command injection vulnerability in AndSoft's e-TMS v25.03. This vulnerability... Critical Unreviewed

CVE-2025-59735 was published Oct 2, 2025

The Telenium Online Web Application is vulnerable due to a PHP endpoint accessible to... Critical Unreviewed

CVE-2025-10659 was published Sep 30, 2025

The Post By Email plugin for WordPress is vulnerable to arbitrary file uploads due to missing... Critical Unreviewed

CVE-2025-9762 was published Sep 30, 2025

An OS command injection vulnerability in user interface in Western Digital My Cloud firmware... Critical Unreviewed

CVE-2025-30247 was published Sep 29, 2025

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... Critical Unreviewed

CVE-2025-11005 was published Sep 25, 2025

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... Critical Unreviewed

CVE-2025-52906 was published Sep 24, 2025

An issue in Datart v.1.0.0-rc.3 allows a remote attacker to execute arbitrary code via the INIT... Critical Unreviewed

CVE-2025-56819 was published Sep 24, 2025

Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')... Critical Unreviewed

CVE-2025-9588 was published Sep 23, 2025

CWP (aka Control Web Panel or CentOS Web Panel) before 0.9.8.1205 allows unauthenticated remote... Critical Unreviewed

CVE-2025-48703 was published Sep 22, 2025

NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python... Critical Unreviewed

CVE-2025-23316 was published Sep 18, 2025

The N-Reporter, N-Cloud, and N-Probe developed by N-Partner has an OS Command Injection... Critical Unreviewed

CVE-2025-9972 was published Sep 17, 2025

Ilevia EVE X1/X5 Server version ≤ 4.7.18.0.eden contains a misconfiguration in the sudoers file... Critical Unreviewed

CVE-2025-34187 was published Sep 16, 2025

Ilevia EVE X1 Server version ≤ 4.7.18.0.eden contains an unauthenticated OS command injection... Critical Unreviewed

CVE-2025-34184 was published Sep 16, 2025

Ilevia EVE X1/X5 Server version ≤ 4.7.18.0.eden contains a vulnerability in its authentication... Critical Unreviewed

CVE-2025-34186 was published Sep 16, 2025

Certain models of NVR developed by Digiever has an OS Command Injection vulnerability, allowing... Critical Unreviewed

CVE-2025-10265 was published Sep 12, 2025

Multiple CWE-78 Critical Unreviewed

CVE-2025-55048 was published Sep 9, 2025

Previous1…42 Next

Previous 1 2 3 4 5 … 41 42 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

1,050 advisories