GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,912
Composer 5,067
Erlang 39
GitHub Actions 38
Go 2,717
Maven 6,143
npm 4,328
NuGet 761
pip 4,105
Pub 12
RubyGems 958
Rust 1,065
Swift 45

Unreviewed advisories

All unreviewed 278,971

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

24,125 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The FindAll Membership plugin for WordPress is vulnerable to Authentication Bypass in all... Critical Unreviewed

CVE-2025-13539 was published Nov 27, 2025

The FindAll Listing plugin for WordPress is vulnerable to Privilege Escalation in all versions up... Critical Unreviewed

CVE-2025-13538 was published Nov 27, 2025

The Tiare Membership plugin for WordPress is vulnerable to Privilege Escalation in all versions... Critical Unreviewed

CVE-2025-13540 was published Nov 27, 2025

The Tiger theme for WordPress is vulnerable to Privilege Escalation in all versions up to, and... Critical Unreviewed

CVE-2025-13675 was published Nov 27, 2025

The Access Control Bypass vulnerability found in ALC WebCTRL and Carrier i-Vu in versions up to... Critical Unreviewed

CVE-2024-5539 was published Nov 27, 2025

XML-Sig versions 0.27 through 0.67 for Perl incorrectly validates XML files if signatures are... Critical Unreviewed

CVE-2025-40934 was published Nov 27, 2025

An unauthenticated administrative access vulnerability exists in the open-source HashTech project... Critical Unreviewed

CVE-2025-65276 was published Nov 26, 2025

An issue was discovered in classroomio 0.1.13. Student accounts are able to delete courses from... Critical Unreviewed

CVE-2025-65669 was published Nov 26, 2025

Improper neutralization of special elements used in an OS command ('command injection') in Cursor... Critical Unreviewed

CVE-2025-62354 was published Nov 26, 2025

An OS command injection vulnerability exists due to insufficient sanitization of user-supplied... Critical Unreviewed

CVE-2025-64127 was published Nov 26, 2025

An OS command injection vulnerability exists due to incomplete validation of user-supplied input... Critical Unreviewed

CVE-2025-64128 was published Nov 26, 2025

Zenitel TCIV-3+ is vulnerable to a reflected cross-site scripting vulnerability, which could... Critical Unreviewed

CVE-2025-64130 was published Nov 26, 2025

An OS command injection vulnerability exists due to improper input validation. The application... Critical Unreviewed

CVE-2025-64126 was published Nov 26, 2025

OpenCode Systems USSD Gateway OC Release: 5 was discovered to contain a SQL injection... Critical Unreviewed

CVE-2025-65236 was published Nov 26, 2025

OpenCode Systems USSD Gateway OC Release: 5 Version 6.13.11 was discovered to contain a SQL... Critical Unreviewed

CVE-2025-65235 was published Nov 26, 2025

Incorrect access control in youlai-boot v2.21.1 allows attackers to escalate privileges and... Critical Unreviewed

CVE-2025-55469 was published Nov 26, 2025

FAST FAC1200R F400_FAC1200R_Q is vulnerable to Buffer Overflow in the function sub_80435780 via... Critical Unreviewed

CVE-2025-50399 was published Nov 26, 2025

FAST FAC1200R F400_FAC1200R_Q is vulnerable to Buffer Overflow in the function sub_80435780 via... Critical Unreviewed

CVE-2025-50402 was published Nov 26, 2025

The RupsMon.exe service executable in UPSilon 2000 has insecure permissions, allowing the ... Critical Unreviewed

CVE-2025-66266 was published Nov 26, 2025

Arbitrary File Overwrite via Tar Extraction Path Traversal in DB Electronica Telecomunicazioni S... Critical Unreviewed

CVE-2025-66262 was published Nov 26, 2025

Unauthenticated OS Command Injection (restore_settings.php) in DB Electronica Telecomunicazioni S... Critical Unreviewed

CVE-2025-66261 was published Nov 26, 2025

Authenticated Root Remote Code Execution via improrer user input filtering in DB Electronica... Critical Unreviewed

CVE-2025-66259 was published Nov 26, 2025

Unauthenticated Arbitrary File Deletion (patch_contents.php) in DB Electronica Telecomunicazioni... Critical Unreviewed

CVE-2025-66257 was published Nov 26, 2025

Unauthenticated OS Command Injection (start_upgrade.php) in DB Electronica Telecomunicazioni S.p... Critical Unreviewed

CVE-2025-66253 was published Nov 26, 2025

Unauthenticated Arbitrary File Upload (upgrade_contents.php) in DB Electronica Telecomunicazioni... Critical Unreviewed

CVE-2025-66255 was published Nov 26, 2025

Previous 1…3…400 Next

Previous 1 2 3 4 5 … 399 400 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

24,125 advisories