GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,234
Composer 4,894
Erlang 38
GitHub Actions 38
Go 2,558
Maven 6,031
npm 4,232
NuGet 751
pip 4,001
Pub 12
RubyGems 953
Rust 1,042
Swift 45

Unreviewed advisories

All unreviewed 273,677

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,699 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Arbitrary file download vulnerabilities exist in a low-level interface library in AOS-10 GW and... Moderate Unreviewed

CVE-2025-37144 was published Oct 14, 2025

Arbitrary file download vulnerabilities exist in a low-level interface library in AOS-10 GW and... Moderate Unreviewed

CVE-2025-37145 was published Oct 14, 2025

Improper Access Control in stitionai/devika Moderate Unreviewed

CVE-2024-5821 was published Jul 3, 2024

gaizhenbiao/chuanhuchatgpt version git d4ec6a3 is affected by a local file inclusion... Moderate Unreviewed

CVE-2024-10707 was published Mar 20, 2025

Path traversal in the admin panel of Ivanti EPMM before version 12.6.0.2, 12.5.0.4, and 12.4.0.4... Moderate Unreviewed

CVE-2025-10986 was published Oct 14, 2025

SAP Commerce Cloud contains a path traversal vulnerability that may allow users to access web... Moderate Unreviewed

CVE-2025-42906 was published Oct 14, 2025

A vulnerability was determined in RainyGao DocSys up to 2.02.36. Affected by this vulnerability... Moderate Unreviewed

CVE-2025-11631 was published Oct 12, 2025

A vulnerability was found in RainyGao DocSys up to 2.02.36. Affected is the function... Moderate Unreviewed

CVE-2025-11630 was published Oct 12, 2025

A weakness has been identified in harry0703 MoneyPrinterTurbo up to 1.2.6. The impacted element... Moderate Unreviewed

CVE-2025-11607 was published Oct 11, 2025

The Error Log Viewer by BestWebSoft plugin for WordPress is vulnerable to Directory Traversal in... Moderate Unreviewed

CVE-2025-9950 was published Oct 11, 2025

Newforma Info Exchange (NIX) accepts requests to '/UserWeb/Common/MarkupServices.ashx' specifying... Moderate Unreviewed

CVE-2025-35053 was published Oct 9, 2025

Newforma Info Exchange (NIX) '/UserWeb/Common/MarkupServices.ashx' 'StreamStampImage' accepts an... Moderate Unreviewed

CVE-2025-35056 was published Oct 9, 2025

A path traversal vulnerability has been reported to affect several QNAP operating system versions... Moderate Unreviewed

CVE-2025-47211 was published Oct 3, 2025

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release... Moderate Unreviewed

CVE-2025-43934 was published Oct 7, 2025

Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release... Moderate Unreviewed

CVE-2025-43889 was published Oct 7, 2025

A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker... Moderate Unreviewed

CVE-2025-33034 was published Oct 3, 2025

A client-side path traversal vulnerability was discovered in the web management interface front... Moderate Unreviewed

CVE-2025-3718 was published Oct 7, 2025

Directory Traversal vulnerability in EndRun Technologies Sonoma D12 Network Time Server (GPS) F/W... Moderate Unreviewed

CVE-2025-60969 was published Oct 6, 2025

A vulnerability was detected in Four-Faith Water Conservancy Informatization Platform up to 2.2.... Moderate Unreviewed

CVE-2025-11337 was published Oct 6, 2025

A security vulnerability has been detected in Four-Faith Water Conservancy Informatization... Moderate Unreviewed

CVE-2025-11336 was published Oct 6, 2025

It's possible to brute force folders and files, what can be used by an attacker to steal sensitve... Moderate Unreviewed

CVE-2025-58590 was published Oct 6, 2025

A remote, unauthorized attacker can brute force folders and files and read them like private keys... Moderate Unreviewed

CVE-2025-58591 was published Oct 6, 2025

Directory traversal vulnerability in Cogent DataHub before 7.3.5 allows remote attackers to read... Moderate Unreviewed

CVE-2014-2352 was published May 17, 2022

A security flaw has been discovered in Campcodes Farm Management System 1.0. Affected by this... Moderate Unreviewed

CVE-2025-11079 was published Sep 27, 2025

Team ENVY, a Security Research TEAM has found a flaw that allows for a remote code execution on... Moderate Unreviewed

CVE-2024-41887 was published Dec 24, 2024

Previous1…108 Next

Previous 1 2 3 4 5 … 107 108 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,699 advisories