Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,655
Maven
5,000+
npm
4,284
NuGet
760
pip
4,067
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

589 advisories

Loading
Command injection in some Zoom Clients for Windows may allow an authenticated user to conduct a... Moderate Unreviewed
CVE-2025-58132 was published Oct 15, 2025
An authenticated command injection vulnerability exists in the command line interface binary of... Moderate Unreviewed
CVE-2025-37138 was published Oct 14, 2025
A vulnerability was detected in D-Link DAP-2695 2.00RC131. This affects the function... Moderate Unreviewed
CVE-2025-11665 was published Oct 13, 2025
An arbitrary file upload vulnerability exists in JeeWMS 20250820, which is caused by the lack of... Moderate Unreviewed
CVE-2025-60268 was published Oct 10, 2025
An arbitrary file upload vulnerability in MCMS v6.0.1 allows attackers to execute arbitrary code... Moderate Unreviewed
CVE-2025-60838 was published Oct 10, 2025
M365 Copilot Spoofing Vulnerability Moderate Unreviewed
CVE-2025-59252 was published Oct 9, 2025
Copilot Spoofing Vulnerability Moderate Unreviewed
CVE-2025-59286 was published Oct 9, 2025
Copilot Spoofing Vulnerability Moderate Unreviewed
CVE-2025-59272 was published Oct 9, 2025
An issue WebKul Bagisto v.2.3.6 allows a remote attacker to execute arbitrary code via the Cart... Moderate Unreviewed
CVE-2025-56426 was published Oct 9, 2025
A vulnerability was detected in Tenda AC7 15.03.06.44. This vulnerability affects unknown code of... Moderate Unreviewed
CVE-2025-11523 was published Oct 9, 2025
A vulnerability has been found in wonderwhy-er DesktopCommanderMCP up to 0.2.13. The affected... Moderate Unreviewed
CVE-2025-11490 was published Oct 8, 2025
A vulnerability was found in wonderwhy-er DesktopCommanderMCP up to 0.2.13. The impacted element... Moderate Unreviewed
CVE-2025-11491 was published Oct 8, 2025
A weakness has been identified in D-Link DI-7001 MINI 24.04.18B1. Impacted is an unknown function... Moderate Unreviewed
CVE-2025-11407 was published Oct 7, 2025
A weakness has been identified in D-Link DIR-816L 206b01. Affected by this issue is the function... Moderate Unreviewed
CVE-2025-9727 was published Oct 1, 2025
A security flaw has been discovered in Ruijie NBR2100G-E up to 20250919. Affected by this issue... Moderate Unreviewed
CVE-2025-11141 was published Sep 29, 2025
A vulnerability was found in mirweiye wenkucms up to 3.4. This impacts the function createPathOne... Moderate Unreviewed
CVE-2025-11138 was published Sep 29, 2025
An issue was discovered in DIR-823 firmware 20250416. There is an RCE vulnerability in the... Moderate Unreviewed
CVE-2025-55848 was published Sep 26, 2025
Notepad++ v8.8.3 has a DLL hijacking vulnerability, which can replace the original DLL file to... Moderate Unreviewed
CVE-2025-56383 was published Sep 26, 2025
An issue in petstore v.1.0.7 allows a remote attacker to execute arbitrary code via accessing a... Moderate Unreviewed
CVE-2025-29157 was published Sep 25, 2025
An issue in petstore v.1.0.7 allows a remote attacker to execute arbitrary code via the DELETE... Moderate Unreviewed
CVE-2025-29155 was published Sep 25, 2025
An issue in PocketVJ CP PocketVJ-CP-v3 pvj 3.9.1 allows remote attackers to execute arbitrary... Moderate Unreviewed
CVE-2025-45326 was published Sep 23, 2025
SQL Injection vulnerability in CSZ-CMS v.1.3.0 allows a remote attacker to execute arbitrary code... Moderate Unreviewed
CVE-2025-29083 was published Sep 23, 2025
The LB-Link routers, including the BL-AC2100_AZ3 V1.0.4, BL-WR4000 v2.5.0, BL-WR9000_AE4 v2.4.9,... Moderate Unreviewed
CVE-2025-57685 was published Sep 22, 2025
A weakness has been identified in Ruijie 6000-E10 up to 2.4.3.6-20171117. This affects an unknown... Moderate Unreviewed
CVE-2025-10774 was published Sep 22, 2025
Tenda AC6 router firmware 15.03.05.19 contains a command injection vulnerability in the... Moderate Unreviewed
CVE-2025-57296 was published Sep 22, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database