GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,833
Composer 5,055
Erlang 39
GitHub Actions 38
Go 2,685
Maven 6,134
npm 4,318
NuGet 760
pip 4,092
Pub 12
RubyGems 958
Rust 1,063
Swift 45

Unreviewed advisories

All unreviewed 278,540

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,738 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A weakness has been identified in Yohann0617 oci-helper up to 3.2.4. This issue affects the... Moderate Unreviewed

CVE-2025-13875 was published Dec 2, 2025

A security vulnerability has been detected in Rareprob HD Video Player All Formats App 12.1.372... Moderate Unreviewed

CVE-2025-13876 was published Dec 2, 2025

Directory traversal vulnerability in SOLIDserver IPAM v8.2.3. This vulnerability allows an... Moderate Unreviewed

CVE-2025-13879 was published Dec 2, 2025

A security vulnerability has been detected in moxi159753 Mogu Blog v2 up to 5.2. The impacted... Moderate Unreviewed

CVE-2025-13816 was published Dec 1, 2025

A vulnerability was found in jsnjfz WebStack-Guns 1.0. This affects the function renderPicture of... Moderate Unreviewed

CVE-2025-13810 was published Dec 1, 2025

A vulnerability was identified in Scada-LTS up to 2.7.8.1. Affected is the function Common... Moderate Unreviewed

CVE-2025-13791 was published Nov 30, 2025

A path traversal vulnerability has been identified in certain router models. A remote,... Moderate Unreviewed

CVE-2025-59372 was published Nov 25, 2025

Fluent Bit out_file plugin does not properly sanitize tag values when deriving output file names.... Moderate Unreviewed

CVE-2025-12972 was published Nov 24, 2025

A parsing issue in the handling of directory paths was addressed with improved path validation.... Moderate Unreviewed

CVE-2025-31248 was published Nov 22, 2025

PDFPatcher executable does not validate user-supplied file paths, allowing directory traversal... Moderate Unreviewed

CVE-2025-63918 was published Nov 17, 2025

A vulnerability was identified in shsuishang ShopSuite ModulithShop up to... Moderate Unreviewed

CVE-2025-13246 was published Nov 16, 2025

A security vulnerability has been detected in SimStudioAI sim up to... Moderate Unreviewed

CVE-2025-9801 was published Nov 14, 2025

The Data Tables Generator by Supsystic plugin for WordPress is vulnerable to arbitrary file... Moderate Unreviewed

CVE-2025-12089 was published Nov 13, 2025

Improper limitation of a pathname to a restricted directory ('path traversal') in Visual Studio... Moderate Unreviewed

CVE-2025-62449 was published Nov 11, 2025

Improper limitation of a pathname to a restricted directory ('path traversal') in OneDrive for... Moderate Unreviewed

CVE-2025-60722 was published Nov 11, 2025

Due to a Path Traversal vulnerability in SAP Business Connector, an attacker authenticated as an... Moderate Unreviewed

CVE-2025-42894 was published Nov 11, 2025

Due to an Information Disclosure vulnerability in SAP NetWeaver Application Server Java, internal... Moderate Unreviewed

CVE-2025-42919 was published Nov 11, 2025

A vulnerability was determined in liweiyi ChestnutCMS up to 1.5.8. This vulnerability affects the... Moderate Unreviewed

CVE-2025-12923 was published Nov 10, 2025

A vulnerability was found in OpenClinica Community Edition up to 3.12.2/3.13. This affects an... Moderate Unreviewed

CVE-2025-12922 was published Nov 10, 2025

The CYAN Backup plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient... Moderate Unreviewed

CVE-2025-12092 was published Nov 8, 2025

The WPFunnels plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient... Moderate Unreviewed

CVE-2025-12000 was published Nov 8, 2025

A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker... Moderate Unreviewed

CVE-2025-57712 was published Nov 7, 2025

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed

CVE-2025-7719 was published Nov 7, 2025

Advantech WebAccess/VPN versions prior to 1.1.5 contain an absolute path traversal via... Moderate Unreviewed

CVE-2025-34238 was published Nov 6, 2025

Dell Integrated Dell Remote Access Controller 9, 14G versions prior to 7.00.00.181, 15G and 16G... Moderate Unreviewed

CVE-2025-22397 was published Nov 6, 2025

Previous1…110 Next

Previous 1 2 3 4 5 … 109 110 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,738 advisories