GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 39
GitHub Actions: 38
Go: 2,680
Maven: 5,000+
npm: 4,300
NuGet: 760
pip: 4,078
Pub: 12
RubyGems: 958
Rust: 1,061
Swift: 45
Unreviewed advisories
All unreviewed: 5,000+
302,925 advisories
SQL injection vulnerability in Hive Metastore Server (HMS) when processing delete column...
Severity: Unknown | Unreviewed | CVE-2025-62728 was published Nov 26, 2025
Out-of-bounds Read vulnerability in ASR1903, ASR3901 in ASR Lapwing_Linux on Linux (nr_fw modules)...
Severity: High | Unreviewed | CVE-2025-13735 was published Nov 26, 2025
Apache Druid’s Kerberos authenticator uses a weak fallback secret when the `druid.auth...
Severity: Unknown | Unreviewed | CVE-2025-59390 was published Nov 26, 2025
In KDE Skanpage before 25.08.0, an attempt at file overwrite can result in the contents of the...
Severity: Low | Unreviewed | CVE-2025-55174 was published Nov 26, 2025
Smart Video Doorbell firmware versions prior to 2.01.078 contain an active debug code...
Severity: High | Unreviewed | CVE-2025-64983 was published Nov 26, 2025
In KDE Krita before 5.2.13, loading a manipulated TGA file could result in a heap-based buffer...
Severity: Moderate | Unreviewed | CVE-2025-59820 was published Nov 26, 2025
The TAX SERVICE Electronic HDM WordPress plugin before 1.2.1 does not have authorization and CSRF...
Severity: Unknown | Unreviewed | CVE-2025-12061 was published Nov 26, 2025
The RupsMon and USBMate services in UPSilon 2000 run with SYSTEM privileges and contain unquoted...
Severity: High | Unreviewed | CVE-2025-66269 was published Nov 26, 2025
CMService.exe creates the C:\usr directory and subdirectories with insecure permissions,...
Severity: Moderate | Unreviewed | CVE-2025-66265 was published Nov 26, 2025
The RupsMon.exe service executable in UPSilon 2000 has insecure permissions, allowing the...
Severity: Critical | Unreviewed | CVE-2025-66266 was published Nov 26, 2025
Stored Cross-Site Scripting via XML Injection in DB Electronica Telecomunicazioni S.p.A. Mozart...
Severity: High | Unreviewed | CVE-2025-66258 was published Nov 26, 2025
Infinite Loop Denial of Service via Failed File Deletion in DB Electronica Telecomunicazioni S.p...
Severity: High | Unreviewed | CVE-2025-66252 was published Nov 26, 2025
Unauthenticated Arbitrary File Upload (status_contents.php) in DB Electronica Telecomunicazioni S...
Severity: Critical | Unreviewed | CVE-2025-66250 was published Nov 26, 2025
Unauthenticated Arbitrary File Deletion (upgrade_contents.php) in DB Electronica...
Severity: High | Unreviewed | CVE-2025-66254 was published Nov 26, 2025
Unauthenticated Path Traversal with Arbitrary File Deletion in DB Electronica Telecomunicazioni S...
Severity: High | Unreviewed | CVE-2025-66251 was published Nov 26, 2025
Unauthenticated OS Command Injection (start_upgrade.php) in DB Electronica Telecomunicazioni S.p...
Severity: Critical | Unreviewed | CVE-2025-66253 was published Nov 26, 2025
Unauthenticated Arbitrary File Deletion (patch_contents.php) in DB Electronica Telecomunicazioni...
Severity: Critical | Unreviewed | CVE-2025-66257 was published Nov 26, 2025
ProTip! Advisories are also available from the GraphQL API.