GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,889
Composer 4,870
Erlang 37
GitHub Actions 36
Go 2,500
Maven 5,942
npm 4,147
NuGet 735
pip 3,948
Pub 12
RubyGems 945
Rust 1,025
Swift 39

Unreviewed advisories

All unreviewed 269,561

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

7,179 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

**UNSUPPORTED WHEN ASSIGNED** A path traversal vulnerability in the web management interface of... Moderate Unreviewed

CVE-2025-3577 was published Apr 22, 2025

opencms V2.3 is vulnerable to Arbitrary file read in src/main/webapp/view/admin/document/dataPage... Moderate Unreviewed

CVE-2025-28099 was published Apr 21, 2025

Traefik has a possible vulnerability with the path matchers High

CVE-2025-32431 was published for github.com/traefik/traefik (Go) Apr 21, 2025

A vulnerability exists in the daemon process of the Yi IOT XY-3820 v6.0.24.10, which exposes a... Critical Unreviewed

CVE-2025-29660 was published Apr 21, 2025

Local File Inclusion (LFI) vulnerability in a Render function of Formulatrix Rock Maker Web (RMW)... Critical Unreviewed

CVE-2025-0632 was published Apr 21, 2025

In Infodraw Media Relay Service (MRS) 7.1.0.0, the MRS web server (on port 12654) allows reading... Moderate Unreviewed

CVE-2025-43928 was published Apr 20, 2025

GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to read... Moderate Unreviewed

CVE-2025-43919 was published Apr 20, 2025

The Download Manager plugin for WordPress is vulnerable to arbitrary file deletion due to... High Unreviewed

CVE-2025-3404 was published Apr 19, 2025

The Avatar plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file... High Unreviewed

CVE-2025-3520 was published Apr 18, 2025

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed

CVE-2025-39568 was published Apr 17, 2025

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed

CVE-2025-27283 was published Apr 17, 2025

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed

CVE-2025-27299 was published Apr 17, 2025

The WP Editor plugin for WordPress is vulnerable to arbitrary file read in all versions up to,... Moderate Unreviewed

CVE-2025-3295 was published Apr 17, 2025

The WP Editor plugin for WordPress is vulnerable to arbitrary file update due to missing file... High Unreviewed

CVE-2025-3294 was published Apr 17, 2025

PHPGurukul Pre-School Enrollment System is vulnerable to Directory Traversal in manage-teachers.php. High Unreviewed

CVE-2025-28072 was published Apr 16, 2025

A vulnerability classified as problematic was found in misstt123 oasys 1.0. Affected by this... Moderate Unreviewed

CVE-2025-3686 was published Apr 16, 2025

A zip slip vulnerability in the component \service\migrate\MigrateForm.java of JEEWMS v3.7 allows... Moderate Unreviewed

CVE-2025-29213 was published Apr 15, 2025

By crafting a malformed file name for an attachment in a multipart message, an attacker can trick... Moderate Unreviewed

CVE-2025-2830 was published Apr 15, 2025

CrushFTP 9.x and 10.x through 10.8.4 and 11.x through 11.3.1 allows directory traversal via the ... Moderate Unreviewed

CVE-2025-32103 was published Apr 15, 2025

The vulnerability allows any authenticated user to leak the contents of arbitrary “.m3u8” files... Low Unreviewed

CVE-2025-32943 was published Apr 15, 2025

A vulnerability was found in Yonyou YonBIP MA2.7. It has been declared as problematic. Affected... Moderate Unreviewed

CVE-2025-3562 was published Apr 14, 2025

A vulnerability classified as critical was found in frdel Agent-Zero 0.8.1.2. This vulnerability... Moderate Unreviewed

CVE-2025-3547 was published Apr 14, 2025

mholt/archiver Vulnerable to Path Traversal via Crafted ZIP File High

CVE-2025-3445 was published for github.com/mholt/archiver (Go) Apr 14, 2025

A path handling issue was addressed with improved validation. This issue is fixed in iOS 17 and... Moderate Unreviewed

CVE-2023-42961 was published Apr 11, 2025

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed

CVE-2025-32671 was published Apr 11, 2025

Previous 1…18…288 Next

Previous 1 2 … 16 17 18 19 20 … 287 288 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

7,179 advisories