Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

111,620 advisories

Loading
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-54029 was published Aug 28, 2025
Improper Control of Generation of Code ('Code Injection') vulnerability in emarket-design YouTube... High Unreviewed
CVE-2025-54731 was published Aug 28, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-53326 was published Aug 28, 2025
Deserialization of Untrusted Data vulnerability in emarket-design WP Ticket Customer Service... High Unreviewed
CVE-2025-53584 was published Aug 28, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-53588 was published Aug 28, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-53576 was published Aug 28, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-53334 was published Aug 28, 2025
Deserialization of Untrusted Data vulnerability in emarket-design Employee Spotlight allows... High Unreviewed
CVE-2025-53583 was published Aug 28, 2025
Missing Authorization vulnerability in Dylan James Zephyr Project Manager allows Exploiting... High Unreviewed
CVE-2025-54714 was published Aug 28, 2025
Local privilege escalation due to insecure folder permissions. The following products are... High Unreviewed
CVE-2025-9578 was published Aug 28, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-53328 was published Aug 28, 2025
Deserialization of Untrusted Data vulnerability in emarket-design WP Easy Contact allows Object... High Unreviewed
CVE-2025-53572 was published Aug 28, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-53578 was published Aug 28, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-54724 was published Aug 28, 2025
Deserialization of Untrusted Data vulnerability in magepeopleteam WpEvently allows Object... High Unreviewed
CVE-2025-54742 was published Aug 28, 2025
Missing Authorization vulnerability in bPlugins Tiktok Feed allows Accessing Functionality Not... High Unreviewed
CVE-2025-54710 was published Aug 28, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-49405 was published Aug 28, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-53248 was published Aug 28, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-53223 was published Aug 28, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-53225 was published Aug 28, 2025
Missing Authorization vulnerability in honzat Page Manager for Elementor allows Exploiting... High Unreviewed
CVE-2025-53230 was published Aug 28, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-49383 was published Aug 28, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-53215 was published Aug 28, 2025
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')... High Unreviewed
CVE-2025-53220 was published Aug 28, 2025
Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed
CVE-2025-53244 was published Aug 28, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database