GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,094
Composer 4,792
Erlang 36
GitHub Actions 29
Go 2,377
Maven 5,712
npm 4,002
NuGet 720
pip 3,802
Pub 12
RubyGems 927
Rust 984
Swift 38

Unreviewed advisories

All unreviewed 262,151

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

650 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The Support Board plugin for WordPress is vulnerable to arbitrary file deletion due to... Critical Unreviewed

CVE-2025-4828 was published Jul 9, 2025

Marvell QConvergeConsole saveAsText Directory Traversal Remote Code Execution Vulnerability. This... Critical Unreviewed

CVE-2025-6794 was published Jul 7, 2025

Marvell QConvergeConsole QLogicDownloadImpl Directory Traversal Arbitrary File Deletion and... Critical Unreviewed

CVE-2025-6793 was published Jul 7, 2025

MICROSENS NMP Web+ could allow an unauthenticated attacker to overwrite files and execute... Critical Unreviewed

CVE-2025-49153 was published Jun 26, 2025

An arbitrary file upload vulnerability exists in the Zhiyuan OA platform 5.0, 5.1 - 5.6sp1, 6.0 -... Critical Unreviewed

CVE-2025-34040 was published Jun 26, 2025

A path traversal vulnerability exists in multiple models of Selea Targa IP OCR-ANPR cameras,... Critical Unreviewed

CVE-2025-34022 was published Jun 20, 2025

Directory Traversal vulnerability in novel plus before v.5.1.0 allows a remote attacker to... Critical Unreviewed

CVE-2025-45890 was published Jun 20, 2025

The Image Resizer On The Fly plugin for WordPress is vulnerable to arbitrary file deletion due to... Critical Unreviewed

CVE-2025-6065 was published Jun 14, 2025

Path traversal vulnerability exists in RICOH Streamline NX V3 PC Client versions 3.5.0 to 3.242.0... Critical Unreviewed

CVE-2025-46783 was published Jun 13, 2025

Allows modifying some file metadata (e.g. last modified) with filter="data" or file permissions ... Critical Unreviewed

CVE-2024-12718 was published Jun 3, 2025

Allows arbitrary filesystem writes outside the extraction directory during extraction with filter... Critical Unreviewed

CVE-2025-4517 was published Jun 3, 2025

The Madara – Responsive and modern WordPress theme for manga sites theme for WordPress is... Critical Unreviewed

CVE-2025-4524 was published May 21, 2025

Improper limitation of pathname in Circuit Provisioning and File Import applications allows... Critical Unreviewed

CVE-2025-48017 was published May 20, 2025

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed

CVE-2025-32926 was published May 19, 2025

The TicketBAI Facturas para WooCommerce plugin for WordPress is vulnerable to arbitrary file... Critical Unreviewed

CVE-2025-4564 was published May 15, 2025

Improper limitation of a pathname to a restricted directory ('path traversal') in Azure allows an... Critical Unreviewed

CVE-2025-30387 was published May 13, 2025

Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9... Critical Unreviewed

CVE-2025-4632 was published May 13, 2025

foxcms v1.2.5 was discovered to contain an arbitrary file deletion vulnerability via the... Critical Unreviewed

CVE-2025-45238 was published May 5, 2025

Output Messenger before 2.0.63 was vulnerable to a directory traversal attack through improper... Critical Unreviewed

CVE-2025-27920 was published May 5, 2025

Quick Agent V3 and Quick Agent V2 contain an issue with improper limitation of a pathname to a... Critical Unreviewed

CVE-2025-26692 was published Apr 28, 2025

The Database Toolset plugin is vulnerable to arbitrary file deletion due to insufficient file... Critical Unreviewed

CVE-2025-3065 was published Apr 24, 2025

A path traversal vulnerability in Commvault Command Center Innovation Release allows an... Critical Unreviewed

CVE-2025-34028 was published Apr 22, 2025

A vulnerability exists in the daemon process of the Yi IOT XY-3820 v6.0.24.10, which exposes a... Critical Unreviewed

CVE-2025-29660 was published Apr 21, 2025

Local File Inclusion (LFI) vulnerability in a Render function of Formulatrix Rock Maker Web (RMW)... Critical Unreviewed

CVE-2025-0632 was published Apr 21, 2025

The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to Local... Critical Unreviewed

CVE-2025-2636 was published Apr 11, 2025

Previous 1 2 3 4 5 … 25 26 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

650 advisories