GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,775
Composer 5,036
Erlang 39
GitHub Actions 38
Go 2,680
Maven 6,124
npm 4,308
NuGet 760
pip 4,080
Pub 12
RubyGems 958
Rust 1,061
Swift 45

Unreviewed advisories

All unreviewed 278,225

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

24,063 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Anyscale Ray 2.52.0 contains an insecure default configuration in which token-based... Critical Unreviewed

CVE-2025-34351 was published Nov 27, 2025

The Access Control Bypass vulnerability found in ALC WebCTRL and Carrier i-Vu in versions up to... Critical Unreviewed

CVE-2024-5539 was published Nov 27, 2025

Zenitel TCIV-3+ is vulnerable to a reflected cross-site scripting vulnerability, which could... Critical Unreviewed

CVE-2025-64130 was published Nov 26, 2025

An OS command injection vulnerability exists due to incomplete validation of user-supplied input... Critical Unreviewed

CVE-2025-64128 was published Nov 26, 2025

An OS command injection vulnerability exists due to insufficient sanitization of user-supplied... Critical Unreviewed

CVE-2025-64127 was published Nov 26, 2025

Improper neutralization of special elements used in an OS command ('command injection') in Cursor... Critical Unreviewed

CVE-2025-62354 was published Nov 26, 2025

An OS command injection vulnerability exists due to improper input validation. The application... Critical Unreviewed

CVE-2025-64126 was published Nov 26, 2025

The RupsMon.exe service executable in UPSilon 2000 has insecure permissions, allowing the ... Critical Unreviewed

CVE-2025-66266 was published Nov 26, 2025

Unauthenticated OS Command Injection (start_upgrade.php) in DB Electronica Telecomunicazioni S.p... Critical Unreviewed

CVE-2025-66253 was published Nov 26, 2025

Unauthenticated Arbitrary File Upload (status_contents.php) in DB Electronica Telecomunicazioni S... Critical Unreviewed

CVE-2025-66250 was published Nov 26, 2025

Unauthenticated Arbitrary File Upload (upgrade_contents.php) in DB Electronica Telecomunicazioni... Critical Unreviewed

CVE-2025-66255 was published Nov 26, 2025

Unauthenticated Arbitrary File Upload (patch_contents.php) in DB Electronica Telecomunicazioni S... Critical Unreviewed

CVE-2025-66256 was published Nov 26, 2025

Unauthenticated Arbitrary File Deletion (patch_contents.php) in DB Electronica Telecomunicazioni... Critical Unreviewed

CVE-2025-66257 was published Nov 26, 2025

Authenticated Root Remote Code Execution via improrer user input filtering in DB Electronica... Critical Unreviewed

CVE-2025-66259 was published Nov 26, 2025

Unauthenticated OS Command Injection (restore_settings.php) in DB Electronica Telecomunicazioni S... Critical Unreviewed

CVE-2025-66261 was published Nov 26, 2025

Arbitrary File Overwrite via Tar Extraction Path Traversal in DB Electronica Telecomunicazioni S... Critical Unreviewed

CVE-2025-66262 was published Nov 26, 2025

Out-of-bounds read in Application Gateway allows an unauthorized attacker to elevate privileges... Critical Unreviewed

CVE-2025-64656 was published Nov 26, 2025

Stack-based buffer overflow in Azure Application Gateway allows an unauthorized attacker to... Critical Unreviewed

CVE-2025-64657 was published Nov 26, 2025

The AI Feeds plugin for WordPress is vulnerable to arbitrary file uploads due to missing... Critical Unreviewed

CVE-2025-13597 was published Nov 26, 2025

The CIBELES AI plugin for WordPress is vulnerable to arbitrary file uploads due to missing... Critical Unreviewed

CVE-2025-13595 was published Nov 26, 2025

An issue was discovered in jishenghua JSH_ERP 2.3.1. The /role/addcan endpoint is vulnerable to... Critical Unreviewed

CVE-2025-51745 was published Nov 25, 2025

An issue was discovered in jishenghua JSH_ERP 2.3.1. The /material... Critical Unreviewed

CVE-2025-51742 was published Nov 25, 2025

An issue was discovered in jishenghua JSH_ERP 2.3.1. The /materialCategory/addMaterialCategory... Critical Unreviewed

CVE-2025-51743 was published Nov 25, 2025

An issue was discovered in jishenghua JSH_ERP 2.3.1. The /user/addUser endpoint is vulnerable to... Critical Unreviewed

CVE-2025-51744 was published Nov 25, 2025

An issue was discovered in jishenghua JSH_ERP 2.3.1. The /serialNumber/addSerialNumber endpoint... Critical Unreviewed

CVE-2025-51746 was published Nov 25, 2025

Previous1…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

24,063 advisories