Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,701
Maven
5,000+
npm
4,328
NuGet
761
pip
4,103
Pub
12
RubyGems
958
Rust
1,064
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

6,145 advisories

Loading
Insufficient escaping in the report scheduler within Checkmk <2.4.0p13, <2.3.0p38, <2.2.0p46 and... High Unreviewed
CVE-2025-39664 was published Oct 9, 2025
Advantech WebAccess/VPN versions prior to 1.1.5 contain an absolute path traversal via... Moderate Unreviewed
CVE-2025-34238 was published Nov 6, 2025
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-54160 was published Dec 4, 2025
A vulnerability in FileStation file cgi allows remote authenticated users to read file metadata... Moderate Unreviewed
CVE-2025-29844 was published Dec 4, 2025
A vulnerability in portenable cgi allows remote authenticated users to get the status of... High Unreviewed
CVE-2025-29846 was published Dec 4, 2025
A vulnerability in FileStation thumb cgi allows remote authenticated users to read/write image... Moderate Unreviewed
CVE-2025-29843 was published Dec 4, 2025
A vulnerability in VideoPlayer2 subtitle cgi allows remote authenticated users to read .srt files. Moderate Unreviewed
CVE-2025-29845 was published Dec 4, 2025
PublicCMS V5.202506.b is vulnerable to path traversal via the doUploadSitefile method. High Unreviewed
CVE-2025-65838 was published Dec 1, 2025
Arbitrary File Overwrite via Tar Extraction Path Traversal in DB Electronica Telecomunicazioni S... Critical Unreviewed
CVE-2025-66262 was published Nov 26, 2025
Unauthenticated Path Traversal with Arbitrary File Deletion in DB Electronica Telecomunicazioni S... High Unreviewed
CVE-2025-66251 was published Nov 26, 2025
A Path Traversal vulnerability in AllSky v2023.05.01_04 allows an unauthenticated attacker to... Critical Unreviewed
CVE-2024-44373 was published Aug 19, 2025
The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file deletion due to... High Unreviewed
CVE-2025-13645 was published Dec 3, 2025
A security vulnerability has been detected in Rareprob HD Video Player All Formats App 12.1.372... Moderate Unreviewed
CVE-2025-13876 was published Dec 2, 2025
Directory traversal vulnerability in SOLIDserver IPAM v8.2.3. This vulnerability allows an... Moderate Unreviewed
CVE-2025-13879 was published Dec 2, 2025
A weakness has been identified in Yohann0617 oci-helper up to 3.2.4. This issue affects the... Moderate Unreviewed
CVE-2025-13875 was published Dec 2, 2025
SoftSea EPUB File Reader 1.0.0.0 is vulnerable to Directory Traversal. The vulnerability resides... High Unreviewed
CVE-2025-63365 was published Dec 1, 2025
IBM QRadar SOAR Plugin App 1.0.0 through 5.6.0 could allow a remote attacker to traverse... Moderate Unreviewed
CVE-2025-36114 was published Aug 20, 2025
A security vulnerability has been detected in moxi159753 Mogu Blog v2 up to 5.2. The impacted... Moderate Unreviewed
CVE-2025-13816 was published Dec 1, 2025
A vulnerability was found in jsnjfz WebStack-Guns 1.0. This affects the function renderPicture of... Moderate Unreviewed
CVE-2025-13810 was published Dec 1, 2025
A vulnerability was identified in Scada-LTS up to 2.7.8.1. Affected is the function Common... Moderate Unreviewed
CVE-2025-13791 was published Nov 30, 2025
Fluent Bit out_file plugin does not properly sanitize tag values when deriving output file names.... Moderate Unreviewed
CVE-2025-12972 was published Nov 24, 2025
Improper input sanitization in the file archives upload functionality of Eaton Galileo software... High Unreviewed
CVE-2025-59890 was published Nov 27, 2025
UnForm Server versions < 10.1.15 contain an unauthenticated arbitrary file read and SMB coercion... High Unreviewed
CVE-2025-34350 was published Nov 25, 2025
An authentication-bypass vulnerability exists in AiCloud. This vulnerability can be triggered by... Critical Unreviewed
CVE-2025-59366 was published Nov 25, 2025
A path traversal vulnerability has been identified in WebDAV, which may allow unauthenticated... High Unreviewed
CVE-2025-12003 was published Nov 25, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database