GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
7,188 advisories
The Database Toolset plugin is vulnerable to arbitrary file deletion due to insufficient file...
Critical | Unreviewed | CVE-2025-3065 was published Apr 24, 2025
In Infodraw Media Relay Service (MRS) 7.1.0.0, the MRS web server (on port 12654) allows reading...
Moderate | Unreviewed | CVE-2025-43928 was published Apr 20, 2025
An issue in the CPIO command of Busybox v1.33.2 allows attackers to execute a directory traversal.
High | Unreviewed | CVE-2023-39810 was published Aug 28, 2023
WordPress Core is vulnerable to Directory Traversal in versions up to, and including, 6.2, via...
Moderate | Unreviewed | CVE-2023-2745 was published Jul 6, 2023
The Mayosis Core plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to,...
High | Unreviewed | CVE-2025-1565 was published Apr 25, 2025
Traefik has a possible vulnerability with the path matchers
High | CVE-2025-32431 was published for github.com/traefik/traefik (Go) Apr 21, 2025
An issue in the Printer Manager System of Entrust Corp Printer Manager D3.18.4-3 and below allows...
Moderate | Unreviewed | CVE-2025-28354 was published Apr 25, 2025
Automotive Shop Management System v1.0 is vulnerable to Delete any file via /asms/classes/Master...
Moderate | Unreviewed | CVE-2022-44280 was published Nov 23, 2022
qpress before PierreLvx/qpress 20220819 and before version 11.3, as used in Percona XtraBackup...
Moderate | Unreviewed | CVE-2022-45866 was published Nov 23, 2022
Quick Agent V3 and Quick Agent V2 contain an issue with improper limitation of a pathname to a...
Critical | Unreviewed | CVE-2025-26692 was published Apr 28, 2025
Quick Agent V3 and Quick Agent V2 contain an issue with improper limitation of a pathname to a...
High | Unreviewed | CVE-2025-27937 was published Apr 28, 2025
Local File Inclusion (LFI) vulnerability in a Render function of Formulatrix Rock Maker Web (RMW)...
Critical | Unreviewed | CVE-2025-0632 was published Apr 21, 2025
GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to read...
Moderate | Unreviewed | CVE-2025-43919 was published Apr 20, 2025
A security agent directory traversal vulnerability in Trend Micro Apex One and Apex One as a...
High | Unreviewed | CVE-2022-44653 was published Dec 12, 2022
MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files...
Critical | Unreviewed | CVE-2018-14847 was published May 14, 2022
Mozilla Firefox's update mechanism allowed a medium-integrity user process to interfere with the...
High | Unreviewed | CVE-2025-2817 was published Apr 29, 2025
Frappe version 14.10.0 allows an external attacker to remotely obtain arbitrary local files. This...
Moderate | Unreviewed | CVE-2022-41712 was published Nov 25, 2022
A vulnerability, which was classified as problematic, has been found in Wangshen SecGate 3600...
Moderate | Unreviewed | CVE-2025-4078 was published Apr 29, 2025
WithSecure through 2022-08-10 allows attackers to cause a denial of service (issue 4 of 5).
Critical | Unreviewed | CVE-2022-38165 was published Nov 18, 2022
Arobas Music Guitar Pro for iPad and iPhone before v1.10.2 allows attackers to perform directory...
High | Unreviewed | CVE-2022-43264 was published Nov 16, 2022
The Netic User Export add-on before 1.3.5 for Atlassian Confluence has the functionality to...
High | Unreviewed | CVE-2022-42977 was published Nov 15, 2022
A vulnerability, which was classified as critical, was found in Wangshen SecGate 3600 2024....
Moderate | Unreviewed | CVE-2025-4186 was published May 2, 2025
A vulnerability, which was classified as critical, has been found in Wangshen SecGate 3600 2024....
Moderate | Unreviewed | CVE-2025-4185 was published May 2, 2025
A vulnerability was found in xiaowei1118 java_server up to...
Moderate | Unreviewed | CVE-2025-4178 was published May 2, 2025
IBM Concert Software 1.0.0 through 1.0.5 could allow a remote attacker to traverse directories on...
Moderate | Unreviewed | CVE-2024-55913 was published May 2, 2025
ProTip! Advisories are also available from the GraphQL API