GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 92
GitHub Actions: 54
Go: 4,217
Maven: 5,000+
npm: 5,000+
NuGet: 1,021
pip: 5,000+
Pub: 13
RubyGems: 1,103
Rust: 1,443
Swift: 61
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
66 advisories
Withdrawn: Arbitrary code execution in lodash
Low | Unreviewed | CVE-2021-41720 was published for lodash (npm) Dec 3, 2021
MySQL before 5.1.48 allows remote authenticated users with alter database privileges to cause a...
Low | Unreviewed | CVE-2010-2008 was published May 13, 2022
IBM WebSphere Message Broker 8 before 8.0.0.6 and Integration Bus 9 before 9.0.0.4 do not check...
Low | Unreviewed | CVE-2015-5011 was published May 17, 2022
In Helix Sync versions prior to 2024.1, a local command injection was identified. Reported by...
Low | Unreviewed | CVE-2024-0325 was published Feb 2, 2024
Tenda AC500 V2.0.1.9(1307) firmware contains a command injection vulnerability in the...
Low | Unreviewed | CVE-2024-32314 was published Apr 17, 2024
TOTOLINK outdoor CPE CP450 v4.1.0cu.747_B20191224 was discovered to contain a command injection...
Low | Unreviewed | CVE-2024-34218 was published May 14, 2024
Zabbix allows to configure SMS notifications. AT command injection occurs on "Zabbix Server"...
Low | Unreviewed | CVE-2024-22122 was published Aug 12, 2024
Multiple bash files were present in the application's private directory. Bash files can be used...
Low | Unreviewed | CVE-2024-54681 was published Jan 17, 2025
A vulnerability classified as critical was found in MicroWord eScan Antivirus 7.0.32 on Linux....
Low | Unreviewed | CVE-2025-1369 was published Feb 17, 2025
An issue was discovered in GitLab EE affecting all versions starting from 17.2 before 17.7.7, all...
Low | Unreviewed | CVE-2024-8402 was published Mar 13, 2025
An issue was discovered in GitLab EE affecting all versions starting from 14.9 before 17.8.6, all...
Low | Unreviewed | CVE-2024-9773 was published Mar 27, 2025
Successful exploitation of the vulnerability could allow an attacker with administrator...
Low | Unreviewed | CVE-2025-52687 was published Jul 16, 2025
An Improper Input Validation in UISP Application could allow a Command Injection by a malicious...
Low | Unreviewed | CVE-2025-48979 was published Aug 29, 2025
A command injection vulnerability has been reported to affect HybridDesk Station. If an attacker...
Low | Unreviewed | CVE-2025-44015 was published Aug 29, 2025
A vulnerability was detected in CosmodiumCS OnlyRAT up to 3.2. The affected element is the...
Low | Unreviewed | CVE-2025-10767 was published Sep 22, 2025
A high privileged remote attacker can influence the parameters passed to the openssl command due...
Low | Unreviewed | CVE-2025-41721 was published Oct 22, 2025
GitLab has remediated an issue in GitLab EE affecting all versions from 17.8 before 18.3.6, 18.4...
Low | Unreviewed | CVE-2025-6945 was published Nov 15, 2025
A logic issue was addressed with improved checks. This issue is fixed in watchOS 26.3, tvOS 26.3,...
Low | Unreviewed | CVE-2026-20671 was published Feb 12, 2026
A security vulnerability has been detected in D-Link DI-500WF 14.04.10A1T. The impacted element...
Low | Unreviewed | CVE-2025-9745 was published Apr 29, 2026
A security flaw has been discovered in D-Link DI-7400G+ 19.12.25A1. Affected is the function...
Low | Unreviewed | CVE-2025-9769 was published Apr 29, 2026
A vulnerability was detected in TRENDnet TEW-821DAP up to 1.12B01. The affected element is the...
Low | Unreviewed | CVE-2026-7608 was published May 2, 2026
A flaw has been found in TRENDnet TEW-821DAP up to 1.12B01. The impacted element is the function...
Low | Unreviewed | CVE-2026-7609 was published May 2, 2026
A vulnerability was detected in pskill9 website-downloader up to 0.1.0. This affects the function...
Low | Unreviewed | CVE-2026-7642 was published May 2, 2026
A security flaw has been discovered in r-huijts mcp-server-rijksmuseum up to 1.0.4. Affected is...
Low | Unreviewed | CVE-2026-7653 was published May 2, 2026
A weakness has been identified in privsim mcp-test-runner 0.2.0. Impacted is the function...
Low | Unreviewed | CVE-2026-7730 was published May 4, 2026
ProTip! Advisories are also available from the GraphQL API.