GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
354 advisories
The ReadFile endpoint of the firmware for Mennekes Smart / Premium Chargingpoints can be abused...
High | Unreviewed | CVE-2025-22369 was published Mar 11, 2025

Apache Linkis DataSource allows arbitrary file reading
High | CVE-2023-41916 was published for org.apache.linkis:linkis-datasource (Maven) Jul 15, 2024

mndpsingh287 WP File Manager v6.4 and lower fails to restrict external access to the fm_backups...
Moderate | Unreviewed | CVE-2020-24312 was published May 24, 2022

WRC-X3200GST3-B v1.25 and earlier, and WRC-G01-W v1.24 and earlier allow a network-adjacent...
Moderate | Unreviewed | CVE-2024-29225 was published Apr 4, 2024

Apache Linkis arbitrary file deletion vulnerability
High | CVE-2024-27182 was published for org.apache.linkis:linkis (Maven) Aug 2, 2024

OpenStack Swift XML external entities (XXE) Injection
Moderate | CVE-2022-47950 was published for swift (pip) Jan 18, 2023

CWE-552: Files or Directories Accessible to External Parties vulnerability over https exists that...
High | Unreviewed | CVE-2025-2222 was published Apr 9, 2025

The Download Manager WordPress plugin before 3.3.07 doesn't prevent directory listing on web...
Moderate | Unreviewed | CVE-2024-13126 was published Mar 16, 2025

In AshPostgres, empty, atomic, non-bulk actions, policy bypass for side-effects vulnerability.
Moderate | CVE-2024-49756 was published for ash_postgres (Erlang) Oct 23, 2024

Local File Inclusion vulnerability in Ready's attachment upload panel allows low privileged user...
High | Unreviewed | CVE-2025-1982 was published Apr 16, 2025

The sourceMapURL feature in devtools was missing security checks that would have allowed a...
Moderate | Unreviewed | CVE-2022-28283 was published Dec 22, 2022

Intelbras WRN 150 devices allow remote attackers to read the configuration file, and consequently...
Critical | Unreviewed | CVE-2017-14942 was published May 13, 2022

Files or directories accessible to external parties vulnerability in picasa.php in Synology Photo...
High | Unreviewed | CVE-2017-12079 was published May 13, 2022

The web portal of Dragino Lora LG01 18ed40 IoT v4.3.4 has the directory listing at the URL https:...
High | Unreviewed | CVE-2022-45227 was published Dec 12, 2022

An improper cache key vulnerability was identified in GitHub Enterprise Server that allowed an...
Moderate | Unreviewed | CVE-2022-23738 was published Nov 1, 2022

Jenkins NUnit Plugin vulnerable to Protection Mechanism Failure
Moderate | CVE-2022-43414 was published for org.jenkins-ci.plugins:nunit (Maven) Oct 19, 2022

The Shariff Wrapper plugin for WordPress is vulnerable to Local File Inclusion in versions up to,...
Critical | Unreviewed | CVE-2024-4098 was published Jun 20, 2024

A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges to...
High | Unreviewed | CVE-2025-32819 was published May 7, 2025

A vulnerability was discovered in Pagure server. If a malicious user were to submit a git...
High | Unreviewed | CVE-2024-4981 was published May 12, 2025

A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been rated as...
Moderate | Unreviewed | CVE-2025-2038 was published Mar 6, 2025

A vulnerability, which was classified as problematic, was found in SourceCodester Online Eyewear...
Moderate | Unreviewed | CVE-2025-2651 was published Mar 23, 2025

Aria Operations for Networks contains a local file read vulnerability. A malicious actor with...
Moderate | Unreviewed | CVE-2024-22240 was published Feb 6, 2024

Insecure access control in ZKTeco BioTime v8.5.5 allows unauthenticated attackers to read...
High | Unreviewed | CVE-2023-38952 was published Aug 4, 2023

In the affected version of the 1E Client, an ordinary user could subvert downloaded instruction...
High | Unreviewed | CVE-2023-45160 was published Oct 5, 2023

When creating an OPERATOR user account on the BMC, the redfish plugin saved the auto-generated...
Moderate | Unreviewed | CVE-2022-3287 was published Sep 29, 2022