GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,912
Composer 5,067
Erlang 39
GitHub Actions 38
Go 2,717
Maven 6,143
npm 4,328
NuGet 761
pip 4,105
Pub 12
RubyGems 958
Rust 1,065
Swift 45

Unreviewed advisories

All unreviewed 279,080

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

24,125 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Unauthenticated Arbitrary File Upload (status_contents.php) in DB Electronica Telecomunicazioni S... Critical Unreviewed

CVE-2025-66250 was published Nov 26, 2025

Unauthenticated Arbitrary File Upload (patch_contents.php) in DB Electronica Telecomunicazioni S... Critical Unreviewed

CVE-2025-66256 was published Nov 26, 2025

Stack-based buffer overflow in Azure Application Gateway allows an unauthorized attacker to... Critical Unreviewed

CVE-2025-64657 was published Nov 26, 2025

Out-of-bounds read in Application Gateway allows an unauthorized attacker to elevate privileges... Critical Unreviewed

CVE-2025-64656 was published Nov 26, 2025

The CIBELES AI plugin for WordPress is vulnerable to arbitrary file uploads due to missing... Critical Unreviewed

CVE-2025-13595 was published Nov 26, 2025

The AI Feeds plugin for WordPress is vulnerable to arbitrary file uploads due to missing... Critical Unreviewed

CVE-2025-13597 was published Nov 26, 2025

An issue was discovered in jishenghua JSH_ERP 2.3.1. The /material... Critical Unreviewed

CVE-2025-51742 was published Nov 25, 2025

An issue was discovered in jishenghua JSH_ERP 2.3.1. The /serialNumber/addSerialNumber endpoint... Critical Unreviewed

CVE-2025-51746 was published Nov 25, 2025

An issue was discovered in jishenghua JSH_ERP 2.3.1. The /materialCategory/addMaterialCategory... Critical Unreviewed

CVE-2025-51743 was published Nov 25, 2025

An issue was discovered in jishenghua JSH_ERP 2.3.1. The /role/addcan endpoint is vulnerable to... Critical Unreviewed

CVE-2025-51745 was published Nov 25, 2025

An issue was discovered in jishenghua JSH_ERP 2.3.1. The /user/addUser endpoint is vulnerable to... Critical Unreviewed

CVE-2025-51744 was published Nov 25, 2025

An issue in the cms_rest.php component of SIGB PMB v8.0.1.14 allows attackers to execute... Critical Unreviewed

CVE-2025-61168 was published Nov 25, 2025

NVIDIA DGX Spark GB10 contains a vulnerability in SROOT, where an attacker could use privileged... Critical Unreviewed

CVE-2025-33187 was published Nov 25, 2025

Cross Site Request Forgery (CSRF) vulnerability in Ilevia EVE X1 Server Firmware Version v4.7.18... Critical Unreviewed

CVE-2025-60739 was published Nov 25, 2025

An issue was discovered in Syrotech SY-GPON-1110-WDONT SYRO_3.7L_3.1.02-240517 allowing attackers... Critical Unreviewed

CVE-2025-63729 was published Nov 25, 2025

An authentication-bypass vulnerability exists in AiCloud. This vulnerability can be triggered by... Critical Unreviewed

CVE-2025-59366 was published Nov 25, 2025

Security Point (Windows) of MaLion and MaLionCloud contains a stack-based buffer overflow... Critical Unreviewed

CVE-2025-62691 was published Nov 25, 2025

Security Point (Windows) of MaLion and MaLionCloud contains a heap-based buffer overflow... Critical Unreviewed

CVE-2025-64693 was published Nov 25, 2025

The EduKart Pro plugin for WordPress is vulnerable to Privilege Escalation in all versions up to,... Critical Unreviewed

CVE-2025-13559 was published Nov 25, 2025

The Sneeit Framework plugin for WordPress is vulnerable to Remote Code Execution in all versions... Critical Unreviewed

CVE-2025-6389 was published Nov 25, 2025

lunary-ai/lunary version 1.9.34 is vulnerable to an account takeover due to improper... Critical Unreviewed

CVE-2025-9803 was published Nov 25, 2025

In RSA Authentication Agent before 7.4.7, service paths and shortcut paths may be vulnerable to... Critical Unreviewed

CVE-2024-47856 was published Nov 25, 2025

A Directory Traversal vulnerability was found in the Application Server of Desktop Alert... Critical Unreviewed

CVE-2025-54347 was published Nov 25, 2025

Shenzhen TVT Digital Technology Co., Ltd. NVMS-9000 firmware (used by many white-labeled DVR/NVR... Critical Unreviewed

CVE-2018-25126 was published Nov 24, 2025

Ruijie NBR series routers contain an unauthenticated arbitrary file upload vulnerability via /ddi... Critical Unreviewed

CVE-2023-7330 was published Nov 24, 2025

Previous 1…4…400 Next

Previous 1 2 3 4 5 6 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

24,125 advisories