Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

354 advisories

Loading
ChestnutCMS <=1.5.0 has an arbitrary file deletion vulnerability in contentcore.controller... High Unreviewed
CVE-2024-57452 was published Feb 3, 2025
Sparkle Signing Checks Bypass High
CVE-2025-0509 was published for github.com/sparkle-project/Sparkle (Swift) Feb 4, 2025
The EPHEMERAL coder in ImageMagick before 6.9.3-10 and 7.x before 7.0.1-1 allows remote attackers... Moderate Unreviewed
CVE-2016-3715 was published May 14, 2022
A vulnerability was found in SourceCodester Online Birth Certificate Management System 1.0. It... Moderate Unreviewed
CVE-2024-5045 was published May 17, 2024
Local File Inclusion vulnerability in dhtmlxFileExplorer v.8.4.6 allows a remote attacker to... High Unreviewed
CVE-2024-55214 was published Feb 7, 2025
Directory Traversal vulnerability in dhtmlxFileExplorer v.8.4.6 allows a remote attacker to... High Unreviewed
CVE-2024-55213 was published Feb 7, 2025
An insecure direct object reference vulnerability in GitLab EE affecting all versions from 15.7... Moderate Unreviewed
CVE-2025-1042 was published Feb 12, 2025
GDidees CMS v3.9.1 was discovered to contain a source code disclosure vulnerability by the backup... High Unreviewed
CVE-2023-27180 was published Apr 7, 2023
In Progress® Telerik® Document Processing Libraries, versions prior to 2025 Q1 (2025.1.205),... High Unreviewed
CVE-2024-11629 was published Feb 12, 2025
Guava vulnerable to insecure use of temporary directory Moderate
CVE-2023-2976 was published for com.google.guava:guava (Maven) Jun 14, 2023
Apache Struts vulnerable to path traversal Critical
CVE-2023-50164 was published for org.apache.struts:struts2-core (Maven) Dec 7, 2023
yoshizawa-masatoshi henrikplate
An attacker could obtain firmware files and reverse engineer their intended use leading to loss... Moderate Unreviewed
CVE-2025-23421 was published Feb 14, 2025
The Shopping Cart & eCommerce Store WordPress plugin before 5.4.3 does not validate HTTP requests... High Unreviewed
CVE-2023-1124 was published Apr 3, 2023
amano Xparc parking solutions 7.1.3879 was discovered to be vulnerable to local file inclusion. High Unreviewed
CVE-2023-23330 was published Mar 28, 2023
The Content Blocks (Custom Post Widget) plugin for WordPress is vulnerable to Local File... High Unreviewed
CVE-2024-3564 was published Jun 1, 2024
Stimulsoft Designer (Web) 2023.1.3 is vulnerable to Local File Inclusion. High Unreviewed
CVE-2023-25260 was published Mar 28, 2023
Auth. (admin+) Arbitrary File Read vulnerability in S2W – Import Shopify to WooCommerce plugin <=... Moderate Unreviewed
CVE-2022-44634 was published Jul 6, 2023
Unauthenticated Arbitrary File Read vulnerability in MultiSafepay plugin for WooCommerce plugin <... High Unreviewed
CVE-2022-33901 was published Jul 23, 2022
Files or Directories Accessible to External Parties vulnerability in Agito Computer Health4All... High Unreviewed
CVE-2024-12917 was published Feb 24, 2025
Moodle has an arbitrary file read risk through pdfTeX High
CVE-2025-26525 was published for moodle/moodle (Composer) Feb 24, 2025
A directory traversal vulnerability in Hewlett Packard Enterprise Insight Remote Support may... Critical Unreviewed
CVE-2024-53676 was published Nov 27, 2024
SeaCMS 13.3 was discovered to contain an arbitrary file read vulnerability in the... Moderate Unreviewed
CVE-2025-25799 was published Mar 6, 2025
A files or directories accessible to external parties vulnerability has been reported to affect... Moderate Unreviewed
CVE-2024-48864 was published Mar 7, 2025
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302... High Unreviewed
CVE-2025-25266 was published Mar 11, 2025
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302... Moderate Unreviewed
CVE-2025-25267 was published Mar 11, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database