Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,698
Maven
5,000+
npm
4,325
NuGet
761
pip
4,099
Pub
12
RubyGems
958
Rust
1,063
Swift
45
Unreviewed advisories
All unreviewed
5,000+

112 advisories

Loading
OpenStack's Mistral Client has a local file inclusion vulnerability Moderate
CVE-2021-4472 was published for python-mistralclient (pip) Nov 26, 2025
The AI Engine for WordPress: ChatGPT, GPT Content Generator plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-13380 was published Nov 25, 2025
The 简数采集器 plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to, and... Moderate Unreviewed
CVE-2025-11973 was published Nov 21, 2025
PrivateBin's template-switching feature allows arbitrary local file inclusion through path traversal Moderate
CVE-2025-64714 was published for privatebin/privatebin (Composer) Nov 14, 2025
esnard elrido
rugk
Credited to esnard, elrido, and rugk
External control of file name or path in Zoom Workplace for macOS before version 6.5.10 may allow... Moderate Unreviewed
CVE-2025-64738 was published Nov 13, 2025
External control of file name or path in certain Zoom Clients may allow an unauthenticated user... Moderate Unreviewed
CVE-2025-64739 was published Nov 13, 2025
TEC-IT TBarCode version 11.15 contains a vulnerability in the TBarCode11.ocx ActiveX/OCX control... Moderate Unreviewed
CVE-2022-4983 was published Nov 13, 2025
External control of file name or path for some Intel(R) CIP software before version WIN_DCA_2.4.0... Moderate Unreviewed
CVE-2025-20614 was published Nov 11, 2025
An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image... Moderate Unreviewed
CVE-2023-49864 was published Jan 10, 2024
An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image... Moderate Unreviewed
CVE-2023-49862 was published Jan 10, 2024
An information disclosure vulnerability exists in the aVideoEncoderReceiveImage.json.php image... Moderate Unreviewed
CVE-2023-49863 was published Jan 10, 2024
An information disclosure vulnerability exists in the aVideoEncoder.json.php chunkFile path... Moderate Unreviewed
CVE-2023-47171 was published Jan 10, 2024
The Import WP – Export and Import CSV and XML files to WordPress plugin for WordPress is... Moderate Unreviewed
CVE-2025-12137 was published Nov 1, 2025
External Control of File Name or Path vulnerability in opentext Flipper allows Path Traversal.... Moderate Unreviewed
CVE-2025-8048 was published Oct 20, 2025
External Control of File Name or Path vulnerability in opentext Flipper allows Path Traversal.  ... Moderate Unreviewed
CVE-2025-8050 was published Oct 21, 2025
External control of file name or path in Windows NTLM allows an unauthorized attacker to perform... Moderate Unreviewed
CVE-2025-24054 was published Mar 11, 2025
NTLM Hash Disclosure Spoofing Vulnerability Moderate Unreviewed
CVE-2024-43451 was published Nov 12, 2024
The Media Library Assistant plugin for WordPress is vulnerable to limited file reading in all... Moderate Unreviewed
CVE-2025-11738 was published Oct 18, 2025
External control of file name or path in Windows Core Shell allows an unauthorized attacker to... Moderate Unreviewed
CVE-2025-59185 was published Oct 14, 2025
External control of file name or path in Windows Core Shell allows an unauthorized attacker to... Moderate Unreviewed
CVE-2025-59244 was published Oct 14, 2025
An authenticated file deletion vulnerability in the Palo Alto Networks PAN-OS® software enables... Moderate Unreviewed
CVE-2025-0124 was published Apr 11, 2025
IBM Watson Query on Cloud Pak for Data 4.0.0 through 4.0.9, 4.5.0 through 4.5.3, 4.6.0 through 4... Moderate Unreviewed
CVE-2024-22341 was published Feb 22, 2025
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2024-47265 was published Feb 13, 2025
A security flaw has been discovered in Campcodes Recruitment Management System 1.0. This impacts... Moderate Unreviewed
CVE-2025-9920 was published Sep 9, 2025
Dpanel has an arbitrary file read vulnerability Moderate
CVE-2025-53363 was published for github.com/donknap/dpanel (Go) Aug 22, 2025
LTLTLXEY
Credited to LTLTLXEY
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database