Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

133 advisories

Loading
CData API Server MySQL Misconfiguration Information Disclosure Vulnerability. This vulnerability... Moderate Unreviewed
CVE-2025-9273 was published Sep 2, 2025
Files or directories accessible to external parties issue exists in SS1 Ver.16.0.0.10 and earlier... Moderate Unreviewed
CVE-2025-52460 was published Aug 28, 2025
MCCMS 2.7.0 is vulnerable to Arbitrary file deletion in the Backups.php component. This allows an... Moderate Unreviewed
CVE-2025-51818 was published Aug 21, 2025
Dell SmartFabric OS10 Software, versions prior to 10.6.0.5 contains a Files or Directories... Moderate Unreviewed
CVE-2025-30103 was published Jul 30, 2025
A flaw was found in Samba. The smbd service daemon does not pick up group membership changes when... Moderate Unreviewed
CVE-2025-0620 was published Jun 6, 2025
The web portal on airpointer 2.4.107-2 was vulnerable local file inclusion. A malicious user with... Moderate Unreviewed
CVE-2025-4634 was published May 30, 2025
The TeleMessage service through 2025-05-05 is based on a JSP application in which the heap... Moderate Unreviewed
CVE-2025-48928 was published May 28, 2025
A vulnerability classified as critical was found in SourceCodester Client Database Management... Moderate Unreviewed
CVE-2025-4909 was published May 19, 2025
The Secure Downloads WordPress plugin before 1.2.3 is vulnerable does not properly restrict which... Moderate Unreviewed
CVE-2024-8031 was published May 15, 2025
A vulnerability, which was classified as problematic, was found in SourceCodester Online Eyewear... Moderate Unreviewed
CVE-2025-2651 was published Mar 23, 2025
The Download Manager WordPress plugin before 3.3.07 doesn't prevent directory listing on web... Moderate Unreviewed
CVE-2024-13126 was published Mar 16, 2025
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302... Moderate Unreviewed
CVE-2025-25267 was published Mar 11, 2025
A files or directories accessible to external parties vulnerability has been reported to affect... Moderate Unreviewed
CVE-2024-48864 was published Mar 7, 2025
A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been rated as... Moderate Unreviewed
CVE-2025-2038 was published Mar 6, 2025
SeaCMS 13.3 was discovered to contain an arbitrary file read vulnerability in the... Moderate Unreviewed
CVE-2025-25799 was published Mar 6, 2025
An attacker could obtain firmware files and reverse engineer their intended use leading to loss... Moderate Unreviewed
CVE-2025-23421 was published Feb 14, 2025
An insecure direct object reference vulnerability in GitLab EE affecting all versions from 15.7... Moderate Unreviewed
CVE-2025-1042 was published Feb 12, 2025
Brocade Fabric OS versions before 8.2.3e2, versions 9.0.0 through 9.2.0c, and 9.2.1 through 9.2... Moderate Unreviewed
CVE-2024-10403 was published Feb 4, 2025
IBM Jazz for Service Management 1.1.3 through 1.1.3.22 could allow a remote attacker to obtain... Moderate Unreviewed
CVE-2024-47106 was published Jan 18, 2025
Specially constructed queries targeting ETM could discover active remote access sessions Moderate Unreviewed
CVE-2024-47518 was published Jan 11, 2025
Local File Inclusion vulnerability in M-Files Server in versions before 24.11 (excluding 24.8 SR1... Moderate Unreviewed
CVE-2024-10126 was published Nov 20, 2024
A vulnerability in Cisco IND could allow an authenticated, local attacker to read application... Moderate Unreviewed
CVE-2023-20039 was published Nov 15, 2024
Authenticated user can access unintended user capabilities in NetScaler ADC and NetScaler Gateway... Moderate Unreviewed
CVE-2024-8535 was published Nov 12, 2024
A directory listing issue in the baserCMS plugin in D-ZERO CO., LTD. BurgerEditor and... Moderate Unreviewed
CVE-2024-44807 was published Oct 11, 2024
BlueCMS 1.6 suffers from Arbitrary File Deletion via the file_name parameter in an /admin... Moderate Unreviewed
CVE-2024-45894 was published Oct 7, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database