GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,912
Composer 5,067
Erlang 39
GitHub Actions 38
Go 2,717
Maven 6,143
npm 4,328
NuGet 761
pip 4,105
Pub 12
RubyGems 958
Rust 1,065
Swift 45

Unreviewed advisories

All unreviewed 279,080

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

693 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The WP Webhooks plugin for WordPress is vulnerable to arbitrary file copy due to missing... Critical Unreviewed

CVE-2025-8895 was published Aug 21, 2025

A Path Traversal vulnerability in AllSky v2023.05.01_04 allows an unauthenticated attacker to... Critical Unreviewed

CVE-2024-44373 was published Aug 19, 2025

Umbraco CMS versions prior to 4.7.1 are vulnerable to unauthenticated remote code execution via... Critical Unreviewed

CVE-2012-10054 was published Aug 13, 2025

UnForm Server Manager versions prior to 10.1.12 expose an unauthenticated file read vulnerability... Critical Unreviewed

CVE-2025-34154 was published Aug 13, 2025

QuickShare File Server 1.2.1 contains a path traversal vulnerability in its FTP service due to... Critical Unreviewed

CVE-2011-10010 was published Aug 13, 2025

In Xerox FreeFlow Core version 8.0.4, an attacker can exploit a Path Traversal vulnerability to... Critical Unreviewed

CVE-2025-8356 was published Aug 8, 2025

A vulnerability in the NuPoint Unified Messaging (NPM) component of Mitel MiCollab through 9.8... Critical Unreviewed

CVE-2025-52913 was published Aug 8, 2025

Marvell QConvergeConsole compressConfigFiles Directory Traversal Information Disclosure and... Critical Unreviewed

CVE-2025-8426 was published Jul 31, 2025

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed

CVE-2025-54446 was published Jul 23, 2025

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed

CVE-2025-54443 was published Jul 23, 2025

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed

CVE-2025-54438 was published Jul 23, 2025

The Attachment Manager plugin for WordPress is vulnerable to arbitrary file deletion due to... Critical Unreviewed

CVE-2025-7643 was published Jul 18, 2025

The Madara - Core plugin for WordPress is vulnerable to arbitrary file deletion due to... Critical Unreviewed

CVE-2025-7712 was published Jul 17, 2025

A directory traversal vulnerability exists in ColoradoFTP Server ≤ 1.3 Build 8 for Windows,... Critical Unreviewed

CVE-2025-34110 was published Jul 15, 2025

The HT Contact Form Widget For Elementor Page Builder & Gutenberg Blocks & Form Builder. plugin... Critical Unreviewed

CVE-2025-7360 was published Jul 15, 2025

The Support Board plugin for WordPress is vulnerable to arbitrary file deletion due to... Critical Unreviewed

CVE-2025-4828 was published Jul 9, 2025

Marvell QConvergeConsole QLogicDownloadImpl Directory Traversal Arbitrary File Deletion and... Critical Unreviewed

CVE-2025-6793 was published Jul 7, 2025

Marvell QConvergeConsole saveAsText Directory Traversal Remote Code Execution Vulnerability. This... Critical Unreviewed

CVE-2025-6794 was published Jul 7, 2025

MICROSENS NMP Web+ could allow an unauthenticated attacker to overwrite files and execute... Critical Unreviewed

CVE-2025-49153 was published Jun 26, 2025

An arbitrary file upload vulnerability exists in the Zhiyuan OA platform 5.0, 5.1 - 5.6sp1, 6.0 -... Critical Unreviewed

CVE-2025-34040 was published Jun 26, 2025

A path traversal vulnerability exists in multiple models of Selea Targa IP OCR-ANPR cameras,... Critical Unreviewed

CVE-2025-34022 was published Jun 20, 2025

Directory Traversal vulnerability in novel plus before v.5.1.0 allows a remote attacker to... Critical Unreviewed

CVE-2025-45890 was published Jun 20, 2025

The Image Resizer On The Fly plugin for WordPress is vulnerable to arbitrary file deletion due to... Critical Unreviewed

CVE-2025-6065 was published Jun 14, 2025

Path traversal vulnerability exists in RICOH Streamline NX V3 PC Client versions 3.5.0 to 3.242.0... Critical Unreviewed

CVE-2025-46783 was published Jun 13, 2025

Allows arbitrary filesystem writes outside the extraction directory during extraction with filter... Critical Unreviewed

CVE-2025-4517 was published Jun 3, 2025

Previous 12…28 Next

Previous 1 2 3 4 5 … 27 28 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

693 advisories