GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,873
Erlang: 37
GitHub Actions: 36
Go: 2,519
Maven: 5,000+
npm: 4,156
NuGet: 736
pip: 3,957
Pub: 12
RubyGems: 946
Rust: 1,027
Swift: 39

Unreviewed advisories
All unreviewed: 5,000+
3,952 advisories

HyperX NGENUITY software is potentially vulnerable to arbitrary code execution. HP is releasing...
Moderate | Unreviewed | CVE-2025-10568 was published Sep 19, 2025

IBM Lakehouse (watsonx.data 2.2) could allow an authenticated privileged user to execute...
Moderate | Unreviewed | CVE-2025-36143 was published Sep 18, 2025

NVIDIA Triton Inference Server for Windows and Linux contains a vulnerability in the Python...
Critical | Unreviewed | CVE-2025-23316 was published Sep 18, 2025

The N-Reporter, N-Cloud, and N-Probe developed by N-Partner has an OS Command Injection...
Critical | Unreviewed | CVE-2025-9972 was published Sep 17, 2025

In LemonLDAP::NG before 2.16.7 and 2.17 through 2.21 before 2.21.3, OS command injection can...
High | Unreviewed | CVE-2025-59518 was published Sep 17, 2025

Improper neutralization of special elements used in an OS command ('OS Command Injection') issue...
High | Unreviewed | CVE-2025-58116 was published Sep 17, 2025

The N-Reporter, N-Cloud, and N-Probe developed by N-Partner has an OS Command Injection...
High | Unreviewed | CVE-2025-10589 was published Sep 17, 2025

A vulnerability exists in the HPE Aruba Networking EdgeConnect SD-WAN Gateways Command Line...
High | Unreviewed | CVE-2025-37126 was published Sep 17, 2025

A vulnerable feature in the command line interface of EdgeConnect SD-WAN could allow an...
Moderate | Unreviewed | CVE-2025-37129 was published Sep 17, 2025

Ilevia EVE X1 Server version ≤ 4.7.18.0.eden contains an unauthenticated OS command injection...
Critical | Unreviewed | CVE-2025-34184 was published Sep 16, 2025

Ilevia EVE X1/X5 Server version ≤ 4.7.18.0.eden contains a vulnerability in its authentication...
Critical | Unreviewed | CVE-2025-34186 was published Sep 16, 2025

Ilevia EVE X1/X5 Server version ≤ 4.7.18.0.eden contains a misconfiguration in the sudoers file...
Critical | Unreviewed | CVE-2025-34187 was published Sep 16, 2025

Flowise has unsandboxed remote code execution via Custom MCP
High | GHSA-6933-jpx5-q87q was published for flowise (npm) Sep 15, 2025

mcp-kubernetes-server has an OS Command Injection vulnerability
Low | CVE-2025-59377 was published for mcp-kubernetes-server (pip) Sep 15, 2025

Chaos Controller Manager is vulnerable to OS command injection
Critical | CVE-2025-59359 was published for github.com/chaos-mesh/chaos-mesh (Go) Sep 15, 2025

Chaos Controller Manager is vulnerable to OS command injection
Critical | CVE-2025-59360 was published for github.com/chaos-mesh/chaos-mesh (Go) Sep 15, 2025

Chaos Controller Manager is vulnerable to OS command injection
Critical | CVE-2025-59361 was published for github.com/chaos-mesh/chaos-mesh (Go) Sep 15, 2025

Certain models of NVR developed by Digiever has an OS Command Injection vulnerability, allowing...
Critical | Unreviewed | CVE-2025-10265 was published Sep 12, 2025

Zabbix Agent 2 smartctl plugin does not properly sanitize smart.disk.get parameters, allowing an...
High | Unreviewed | CVE-2025-27234 was published Sep 12, 2025

Hoverfly is vulnerable to Remote Code Execution through an insecure middleware implementation
Critical | CVE-2025-54123 was published for github.com/SpectoLabs/hoverfly (Go) Sep 10, 2025

Dell PowerProtect Data Manager, version(s) 19.19 and 19.20, Hyper-V contain(s) an Improper...
High | Unreviewed | CVE-2025-43884 was published Sep 10, 2025

Dell PowerProtect Data Manager, version(s) 19.19 and 19.20, Hyper-V contain(s) an Improper...
High | Unreviewed | CVE-2025-43885 was published Sep 10, 2025

OS Command injection vulnerability in function OperateSSH in 1panel 2.0.8 allowing attackers to...
High | Unreviewed | CVE-2025-56413 was published Sep 10, 2025

CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'...
Moderate | Unreviewed | CVE-2025-9997 was published Sep 10, 2025

CWE-78: Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection'...
Moderate | Unreviewed | CVE-2025-9996 was published Sep 9, 2025

ProTip! Advisories are also available from the GraphQL API.