Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,690
Maven
5,000+
npm
4,320
NuGet
760
pip
4,096
Pub
12
RubyGems
958
Rust
1,063
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,024 advisories

Loading
willitmerge has a Command Injection vulnerability Moderate
CVE-2025-66219 was published for willitmerge (npm) Nov 26, 2025
lirantal
Credited to lirantal
An issue in Blurams Lumi Security Camera (A31C) v23.1227.472.2926 allows local physical attackers... Moderate Unreviewed
CVE-2025-63674 was published Nov 25, 2025
iStats contains an insecure XPC service that allows local, unprivileged users to escalate their... Critical Unreviewed
CVE-2025-11921 was published Nov 24, 2025
A vulnerability was identified in D-Link DIR-852 1.00. This issue affects some unknown processing... Moderate Unreviewed
CVE-2025-13562 was published Nov 23, 2025
The read function in file thinkphp\library\think\template\driver\File.php in ThinkPHP 5.0.24... Moderate Unreviewed
CVE-2025-63888 was published Nov 20, 2025
An issue in Ilevia EVE X1 Server Firmware Version v4.7.18.0.eden and before Logic Version v6.00 -... High Unreviewed
CVE-2025-60738 was published Nov 20, 2025
pnetlab 5.3.11 is vulnerable to Command Injection via the qemu_options parameter. Moderate Unreviewed
CVE-2025-63749 was published Nov 18, 2025
A vulnerability in the command line interface of affected devices could allow an authenticated... Moderate Unreviewed
CVE-2025-37162 was published Nov 18, 2025
A remote command execution (RCE) vulnerability was discovered in all H3C ERG3/ERG5 series routers... Moderate Unreviewed
CVE-2025-63258 was published Nov 18, 2025
A code injection vulnerability exists in baryhuang/mcp-server-aws-resources-python 0.1.0 that... Moderate Unreviewed
CVE-2025-63604 was published Nov 18, 2025
A command injection vulnerability exists in the MCP Data Science Server's (reading-plus-ai/mcp... Moderate Unreviewed
CVE-2025-63603 was published Nov 18, 2025
GitLab has remediated an issue in GitLab EE affecting all versions from 17.8 before 18.3.6, 18.4... Low Unreviewed
CVE-2025-6945 was published Nov 15, 2025
A command injection vulnerability exists in the TOTOLINK A950RG Router firmware V5.9c... Moderate Unreviewed
CVE-2025-60702 was published Nov 13, 2025
An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware... Moderate Unreviewed
CVE-2025-60672 was published Nov 13, 2025
An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware... Moderate Unreviewed
CVE-2025-60676 was published Nov 13, 2025
An unauthenticated command injection vulnerability exists in the D-Link DIR-878A1 router firmware... Moderate Unreviewed
CVE-2025-60673 was published Nov 13, 2025
A command injection vulnerability exists in the D-Link DIR-823G router firmware DIR823G_V1.0... Moderate Unreviewed
CVE-2025-60675 was published Nov 13, 2025
An issue in Intermesh BV GroupOffice vulnerable before v.25.0.47 and 6.8.136 allows a remote... High Unreviewed
CVE-2025-63406 was published Nov 13, 2025
A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1_FW102B02... Moderate Unreviewed
CVE-2025-60701 was published Nov 13, 2025
A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1_FW102B02... Moderate Unreviewed
CVE-2025-60700 was published Nov 13, 2025
A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1_FW102B02... High Unreviewed
CVE-2025-60697 was published Nov 13, 2025
A command injection vulnerability exists in the D-Link DIR-882 Router firmware DIR882A1_FW102B02... High Unreviewed
CVE-2025-60698 was published Nov 13, 2025
An unauthenticated command injection vulnerability exists in the Start_EPI function of the httpd... Moderate Unreviewed
CVE-2025-60689 was published Nov 13, 2025
A command injection vulnerability exists in the D-Link DIR-823G router firmware DIR823G_V1.0... Moderate Unreviewed
CVE-2025-60671 was published Nov 13, 2025
An unauthenticated command injection vulnerability exists in the ToToLink LR1200GB Router... Moderate Unreviewed
CVE-2025-60687 was published Nov 13, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database