GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,850
Composer 5,061
Erlang 39
GitHub Actions 38
Go 2,690
Maven 6,134
npm 4,320
NuGet 760
pip 4,096
Pub 12
RubyGems 958
Rust 1,063
Swift 45

Unreviewed advisories

All unreviewed 278,582

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

83 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The Cost Calculator Builder plugin for WordPress is vulnerable to arbitrary file deletion due to... High Unreviewed

CVE-2025-12529 was published Dec 2, 2025

Unauthenticated Arbitrary File Deletion (upgrade_contents.php) in DB Electronica... High Unreviewed

CVE-2025-66254 was published Nov 26, 2025

The WP AUDIO GALLERY plugin for WordPress is vulnerable to arbitrary file deletion due to... High Unreviewed

CVE-2025-13322 was published Nov 21, 2025

External control of file name or path in Windows WLAN Service allows an authorized attacker to... High Unreviewed

CVE-2025-59511 was published Nov 11, 2025

The Auto Amazon Links – Amazon Associates Affiliate Plugin plugin for WordPress is vulnerable to... High Unreviewed

CVE-2025-11451 was published Nov 11, 2025

A vulnerability was found in 70mai X200 up to 20251019. This issue affects some unknown... High Unreviewed

CVE-2025-12915 was published Nov 9, 2025

Nagios XI versions prior to 5.7.3 contain a privilege escalation vulnerability in the getprofile... High Unreviewed

CVE-2020-36868 was published Oct 31, 2025

A validation vulnerability exists in an undisclosed URL in the Configuration utility. Note:... High Unreviewed

CVE-2025-59483 was published Oct 15, 2025

External control of file name or path in Confidential Azure Container Instances allows an... High Unreviewed

CVE-2025-59292 was published Oct 14, 2025

External control of file name or path in Confidential Azure Container Instances allows an... High Unreviewed

CVE-2025-59291 was published Oct 14, 2025

Concurrent execution using shared resource with improper synchronization ('race condition') in... High Unreviewed

CVE-2025-59200 was published Oct 14, 2025

The Motors – Car Dealership & Classified Listings Plugin plugin for WordPress is vulnerable to... High Unreviewed

CVE-2025-10494 was published Oct 8, 2025

The WP Import – Ultimate CSV XML Importer for WordPress plugin for WordPress is vulnerable to... High Unreviewed

CVE-2025-10058 was published Sep 17, 2025

The Propovoice: All-in-One Client Management System plugin for WordPress is vulnerable to... High Unreviewed

CVE-2025-8422 was published Sep 11, 2025

External control of file name or path in Azure Arc allows an authorized attacker to elevate... High Unreviewed

CVE-2025-55316 was published Sep 9, 2025

The Wptobe-memberships plugin for WordPress is vulnerable to arbitrary file deletion due to... High Unreviewed

CVE-2025-9048 was published Aug 23, 2025

Foxit PDF Reader < 4.3.1.0218 exposes a JavaScript API function, createDataObject(), that allows... High Unreviewed

CVE-2011-10030 was published Aug 20, 2025

: External Control of File Name or Path vulnerability in TAGFREE X-Free Uploader XFU allows :... High Unreviewed

CVE-2025-29866 was published Aug 7, 2025

The go command may execute unexpected commands when operating in untrusted VCS repositories. This... High Unreviewed

CVE-2025-4674 was published Jul 30, 2025

The SureForms – Drag and Drop Form Builder for WordPress plugin for WordPress is vulnerable to... High Unreviewed

CVE-2025-6691 was published Jul 9, 2025

The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is... High Unreviewed

CVE-2025-6463 was published Jul 2, 2025

External control of file name or path in WebDAV allows an unauthorized attacker to execute code... High Unreviewed

CVE-2025-33053 was published Jun 10, 2025

An external control of file name or path vulnerability in the delete file function of Soar Cloud... High Unreviewed

CVE-2025-48783 was published Jun 6, 2025

An external control of file name or path vulnerability in the download file function of Soar... High Unreviewed

CVE-2025-48781 was published Jun 6, 2025

Predictable filename vulnerabilities in ASPECT may expose sensitive information to a potential... High Unreviewed

CVE-2024-51553 was published May 22, 2025

Previous1…4 Next

Previous 1 2 3 4 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

83 advisories