Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,680
Maven
5,000+
npm
4,308
NuGet
760
pip
4,081
Pub
12
RubyGems
958
Rust
1,061
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

110 advisories

Loading
An argument injection vulnerability exists in the affected product that could allow an attacker... High Unreviewed
CVE-2025-12556 was published Nov 6, 2025
rcube_image.php in Roundcube Webmail before 1.4.4 allows attackers to execute arbitrary code via... High Unreviewed
CVE-2020-12641 was published May 24, 2022
Unity Editor 2019.1 through 6000.3 could allow remote attackers to exploit file loading and Local... High Unreviewed
CVE-2025-59489 was published Oct 3, 2025
Improper Neutralization of Argument Delimiters in a Command ('Argument Injection') vulnerability... High Unreviewed
CVE-2025-47421 was published Sep 3, 2025
A server side request forgery vulnerability was identified in GitHub Enterprise Server that... High Unreviewed
CVE-2024-3684 was published Apr 19, 2024
Dell ThinOS 10, versions prior to 2508_10.0127, contains an Improper Neutralization of Argument... High Unreviewed
CVE-2025-43730 was published Aug 27, 2025
Argument injection in special agent configuration in Checkmk <2.4.0p1, <2.3.0p32, <2.2.0p42 and 2... High Unreviewed
CVE-2025-1712 was published May 21, 2025
An improper validation vulnerability was reported in Lenovo Vantage that under certain conditions... High Unreviewed
CVE-2025-6231 was published Jul 17, 2025
An improper validation vulnerability was reported in Lenovo Vantage that under certain conditions... High Unreviewed
CVE-2025-6232 was published Jul 17, 2025
A vulnerability exists in Advantech iView that allows for argument injection in NetworkServlet... High Unreviewed
CVE-2025-52459 was published Jul 11, 2025
A vulnerability exists in Advantech iView that allows for argument injection in the... High Unreviewed
CVE-2025-53509 was published Jul 11, 2025
A flaw was found in Ansible Automation Platform’s EDA component where user-supplied Git URLs are... High Unreviewed
CVE-2025-49520 was published Jun 30, 2025
The Quantenna Wi-Fi chipset ships with a local control script, set_tx_pow, that is vulnerable to... High Unreviewed
CVE-2025-3460 was published Jun 8, 2025
The Quantenna Wi-Fi chipset ships with a local control script, transmit_file, that is vulnerable... High Unreviewed
CVE-2025-3459 was published Jun 8, 2025
The Quantenna Wi-Fi chipset ships with a local control script, router_command.sh (in the... High Unreviewed
CVE-2025-32457 was published Jun 8, 2025
Products that incorporate the Microhard BulletLTE-NA2 and IPn4Gii-NA2 are vulnerable to a post... High Unreviewed
CVE-2025-35006 was published Jun 8, 2025
Products that incorporate the Microhard BulletLTE-NA2 and IPn4Gii-NA2 are vulnerable to a post... High Unreviewed
CVE-2025-35007 was published Jun 8, 2025
Products that incorporate the Microhard BulletLTE-NA2 and IPn4Gii-NA2 are vulnerable to a post... High Unreviewed
CVE-2025-35009 was published Jun 8, 2025
Products that incorporate the Microhard BulletLTE-NA2 and IPn4Gii-NA2 are vulnerable to a post... High Unreviewed
CVE-2025-35005 was published Jun 8, 2025
Products that incorporate the Microhard BulletLTE-NA2 and IPn4Gii-NA2 are vulnerable to a post... High Unreviewed
CVE-2025-35008 was published Jun 8, 2025
Products that incorporate the Microhard BulletLTE-NA2 and IPn4Gii-NA2 are vulnerable to a post... High Unreviewed
CVE-2025-35010 was published Jun 8, 2025
The Quantenna Wi-Fi chipset ships with a local control script, router_command.sh (in the... High Unreviewed
CVE-2025-32458 was published Jun 8, 2025
The Quantenna Wi-Fi chipset ships with a local control script, router_command.sh (in the... High Unreviewed
CVE-2025-32459 was published Jun 8, 2025
Products that incorporate the Microhard BulletLTE-NA2 and IPn4Gii-NA2 are vulnerable to a post... High Unreviewed
CVE-2025-35004 was published Jun 8, 2025
The Quantenna Wi-Fi chipset ships with a local control script, router_command.sh (in the run_cmd... High Unreviewed
CVE-2025-32455 was published Jun 8, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database