Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,717
Maven
5,000+
npm
4,328
NuGet
761
pip
4,105
Pub
12
RubyGems
958
Rust
1,065
Swift
45
Unreviewed advisories
All unreviewed
5,000+

27,645 advisories

Loading
OpenCode Systems USSD Gateway OC Release: 5 Version 6.13.11 was discovered to contain a SQL... Critical Unreviewed
CVE-2025-65235 was published Nov 26, 2025
OpenCode Systems USSD Gateway OC Release: 5 was discovered to contain a SQL injection... Critical Unreviewed
CVE-2025-65236 was published Nov 26, 2025
FAST FAC1200R F400_FAC1200R_Q is vulnerable to Buffer Overflow in the function sub_80435780 via... Critical Unreviewed
CVE-2025-50399 was published Nov 26, 2025
FAST FAC1200R F400_FAC1200R_Q is vulnerable to Buffer Overflow in the function sub_80435780 via... Critical Unreviewed
CVE-2025-50402 was published Nov 26, 2025
Incorrect access control in youlai-boot v2.21.1 allows attackers to escalate privileges and... Critical Unreviewed
CVE-2025-55469 was published Nov 26, 2025
Apache Druid’s Kerberos authenticator uses a weak fallback secret Critical
CVE-2025-59390 was published for org.apache.druid:druid (Maven) Nov 26, 2025
The RupsMon.exe service executable in UPSilon 2000 has insecure permissions, allowing the ... Critical Unreviewed
CVE-2025-66266 was published Nov 26, 2025
Unauthenticated OS Command Injection (restore_settings.php) in DB Electronica Telecomunicazioni S... Critical Unreviewed
CVE-2025-66261 was published Nov 26, 2025
Authenticated Root Remote Code Execution via improrer user input filtering in DB Electronica... Critical Unreviewed
CVE-2025-66259 was published Nov 26, 2025
Arbitrary File Overwrite via Tar Extraction Path Traversal in DB Electronica Telecomunicazioni S... Critical Unreviewed
CVE-2025-66262 was published Nov 26, 2025
Unauthenticated Arbitrary File Deletion (patch_contents.php) in DB Electronica Telecomunicazioni... Critical Unreviewed
CVE-2025-66257 was published Nov 26, 2025
Unauthenticated OS Command Injection (start_upgrade.php) in DB Electronica Telecomunicazioni S.p... Critical Unreviewed
CVE-2025-66253 was published Nov 26, 2025
Unauthenticated Arbitrary File Upload (upgrade_contents.php) in DB Electronica Telecomunicazioni... Critical Unreviewed
CVE-2025-66255 was published Nov 26, 2025
Unauthenticated Arbitrary File Upload (status_contents.php) in DB Electronica Telecomunicazioni S... Critical Unreviewed
CVE-2025-66250 was published Nov 26, 2025
Unauthenticated Arbitrary File Upload (patch_contents.php) in DB Electronica Telecomunicazioni S... Critical Unreviewed
CVE-2025-66256 was published Nov 26, 2025
Stack-based buffer overflow in Azure Application Gateway allows an unauthorized attacker to... Critical Unreviewed
CVE-2025-64657 was published Nov 26, 2025
Out-of-bounds read in Application Gateway allows an unauthorized attacker to elevate privileges... Critical Unreviewed
CVE-2025-64656 was published Nov 26, 2025
The CIBELES AI plugin for WordPress is vulnerable to arbitrary file uploads due to missing... Critical Unreviewed
CVE-2025-13595 was published Nov 26, 2025
The AI Feeds plugin for WordPress is vulnerable to arbitrary file uploads due to missing... Critical Unreviewed
CVE-2025-13597 was published Nov 26, 2025
libnftnl has Heap-based Buffer Overflow in nftnl::Batch::with_page_size (nftnl-rs) Critical
GHSA-2fjw-whxm-9v4q was published for nftnl (Rust) Nov 25, 2025
An issue was discovered in jishenghua JSH_ERP 2.3.1. The /material... Critical Unreviewed
CVE-2025-51742 was published Nov 25, 2025
An issue was discovered in jishenghua JSH_ERP 2.3.1. The /serialNumber/addSerialNumber endpoint... Critical Unreviewed
CVE-2025-51746 was published Nov 25, 2025
An issue was discovered in jishenghua JSH_ERP 2.3.1. The /materialCategory/addMaterialCategory... Critical Unreviewed
CVE-2025-51743 was published Nov 25, 2025
An issue was discovered in jishenghua JSH_ERP 2.3.1. The /role/addcan endpoint is vulnerable to... Critical Unreviewed
CVE-2025-51745 was published Nov 25, 2025
An issue was discovered in jishenghua JSH_ERP 2.3.1. The /user/addUser endpoint is vulnerable to... Critical Unreviewed
CVE-2025-51744 was published Nov 25, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database