GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,889
Composer 5,066
Erlang 39
GitHub Actions 38
Go 2,701
Maven 6,140
npm 4,328
NuGet 761
pip 4,103
Pub 12
RubyGems 958
Rust 1,064
Swift 45

Unreviewed advisories

All unreviewed 278,793

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

918 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Improper input validation together with an integer overflow in the EAP-TLS protocol... Critical Unreviewed

CVE-2018-11574 was published May 13, 2022

Authenticated Root Remote Code Execution via improrer user input filtering in DB Electronica... Critical Unreviewed

CVE-2025-66259 was published Nov 26, 2025

A vulnerability where the JavaScript JIT compiler inlines Array.prototype.push with multiple... Critical Unreviewed

CVE-2018-12387 was published May 14, 2022

The type inference system allows the compilation of functions that can cause type confusions... Critical Unreviewed

CVE-2019-9791 was published May 24, 2022

A vulnerability was discovered where specific command line arguments are not properly discarded... Critical Unreviewed

CVE-2019-9794 was published May 24, 2022

HTML tags received from the Pocket server will be processed without sanitization and any... Critical Unreviewed

CVE-2016-9901 was published May 14, 2022

The QVidium Opera11 device (firmware version 2.9.0-Ax4x-opera11) is vulnerable to Remote Code... Critical Unreviewed

CVE-2025-63213 was published Nov 19, 2025

An OS command injection vulnerability exists in MiniDVBLinux version 5.4 and earlier. The system... Critical Unreviewed

CVE-2025-25038 was published Jun 20, 2025

An OS command injection vulnerability exists in the Edimax EW-7438RPn firmware version 1.13 and... Critical Unreviewed

CVE-2025-34024 was published Jun 20, 2025

An OS command injection vulnerability exists in sar2html version 3.2.2 and prior via the plot... Critical Unreviewed

CVE-2025-34030 was published Jun 20, 2025

A remote command injection vulnerability exists in the confirm.php interface of the WIFISKY 7... Critical Unreviewed

CVE-2025-34044 was published Jun 26, 2025

An unauthenticated command injection vulnerability exists in AVTECH DVR devices via Search.cgi... Critical Unreviewed

CVE-2025-34054 was published Jul 1, 2025

An OS command injection vulnerability exists in various models of E-Series Linksys routers via... Critical Unreviewed

CVE-2025-34037 was published Jun 26, 2025

An OS command injection vulnerability exists in the OptiLink ONT1GEW GPON router firmware version... Critical Unreviewed

CVE-2025-34049 was published Jun 26, 2025

An authenticated command injection vulnerability exists in the Beward N100 IP Camera firmware... Critical Unreviewed

CVE-2025-34042 was published Jun 26, 2025

A SQL Injection vulnerability on an endpoint in BEIMS Contractor Web, a legacy product that is no... Critical Unreviewed

CVE-2025-10460 was published Nov 17, 2025

An unauthenticated remote command execution vulnerability exists in Samsung WLAN AP WEA453e... Critical Unreviewed

CVE-2025-34068 was published Jul 15, 2025

Missing Initial Password Change.This issue affects BLU-IC2: through 1.19.5; BLU-IC4: through 1.19.5. Critical Unreviewed

CVE-2025-12285 was published Oct 26, 2025

Magento executes code via the API File Option Upload Extension Critical

CVE-2021-36042 was published for magento/community-edition (Composer) May 24, 2022

Magento has a file extension restrictions bypass Critical

CVE-2021-36040 was published for magento/community-edition (Composer) May 24, 2022

Magento is affected by an improper input validation vulnerability while saving a customer's details Critical

CVE-2021-36025 was published for magento/community-edition (Composer) May 24, 2022

Lack of application manifest sanitation could lead to potential stored XSS.This issue affects BLU... Critical Unreviewed

CVE-2025-12001 was published Oct 21, 2025

Mail Configuration File Manipulation + Command Execution.This issue affects BLU-IC2: through 1.19... Critical Unreviewed

CVE-2025-12275 was published Oct 26, 2025

Magento affected by remote code execution vulnerability in the CMS page scheduled update feature Critical

CVE-2021-36021 was published for magento/community-edition (Composer) Sep 6, 2023

A template injection vulnerability exists in Sawtooth Software’s Lighthouse Studio versions prior... Critical Unreviewed

CVE-2025-34300 was published Jul 16, 2025

Previous1…37 Next

Previous 1 2 3 4 5 … 36 37 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

918 advisories