GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,835
Composer 4,870
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,926
npm 4,126
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,021
Swift 39

Unreviewed advisories

All unreviewed 269,174

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

69 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The Propovoice: All-in-One Client Management System plugin for WordPress is vulnerable to... High Unreviewed

CVE-2025-8422 was published Sep 11, 2025

External control of file name or path in Azure Arc allows an authorized attacker to elevate... High Unreviewed

CVE-2025-55316 was published Sep 9, 2025

The Wptobe-memberships plugin for WordPress is vulnerable to arbitrary file deletion due to... High Unreviewed

CVE-2025-9048 was published Aug 23, 2025

Foxit PDF Reader < 4.3.1.0218 exposes a JavaScript API function, createDataObject(), that allows... High Unreviewed

CVE-2011-10030 was published Aug 20, 2025

: External Control of File Name or Path vulnerability in TAGFREE X-Free Uploader XFU allows :... High Unreviewed

CVE-2025-29866 was published Aug 7, 2025

The go command may execute unexpected commands when operating in untrusted VCS repositories. This... High Unreviewed

CVE-2025-4674 was published Jul 30, 2025

The SureForms – Drag and Drop Form Builder for WordPress plugin for WordPress is vulnerable to... High Unreviewed

CVE-2025-6691 was published Jul 9, 2025

The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is... High Unreviewed

CVE-2025-6463 was published Jul 2, 2025

External control of file name or path in WebDAV allows an unauthorized attacker to execute code... High Unreviewed

CVE-2025-33053 was published Jun 10, 2025

An external control of file name or path vulnerability in the delete file function of Soar Cloud... High Unreviewed

CVE-2025-48783 was published Jun 6, 2025

An external control of file name or path vulnerability in the download file function of Soar... High Unreviewed

CVE-2025-48781 was published Jun 6, 2025

Predictable filename vulnerabilities in ASPECT may expose sensitive information to a potential... High Unreviewed

CVE-2024-51553 was published May 22, 2025

File corruption vulnerabilities in ASPECT provide attackers access to overwrite sys-tem files if... High Unreviewed

CVE-2025-2409 was published May 22, 2025

The WPBot Pro Wordpress Chatbot plugin for WordPress is vulnerable to arbitrary file deletion due... High Unreviewed

CVE-2025-3812 was published May 17, 2025

The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is... High Unreviewed

CVE-2025-3419 was published May 8, 2025

The quarantine - restore function in Qi-ANXIN Tianqing Endpoint Security Management System v10.0... High Unreviewed

CVE-2024-57394 was published Apr 21, 2025

The CLEVER - HTML5 Radio Player With History - Shoutcast and Icecast - Elementor Widget Addon... High Unreviewed

CVE-2025-3103 was published Apr 19, 2025

The ZoomSounds - WordPress Wave Audio Player with Playlist plugin for WordPress is vulnerable to... High Unreviewed

CVE-2025-3431 was published Apr 8, 2025

After selecting a malicious Windows `.url` shortcut from the local filesystem, an unexpected file... High Unreviewed

CVE-2025-3033 was published Apr 1, 2025

An External Control of File Name or Path vulnerability in the APROL Web Portal used in B&R APROL ... High Unreviewed

CVE-2024-10210 was published Mar 25, 2025

eosphoros-ai/DB-GPT version latest is vulnerable to arbitrary file deletion on Windows systems... High Unreviewed

CVE-2025-0452 was published Mar 20, 2025

An arbitrary file deletion vulnerability exists in danny-avila/librechat version v0.7.5-rc2,... High Unreviewed

CVE-2024-10361 was published Mar 20, 2025

An external control of file name or path vulnerability [CWE-73] in FortiClientMac version 7.2.3... High Unreviewed

CVE-2023-45588 was published Mar 14, 2025

The CS Framework plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to,... High Unreviewed

CVE-2024-12036 was published Mar 7, 2025

There is a local file inclusion vulnerability in ArcGIS Server 10.9.1 thru 11.3 that may allow a... High Unreviewed

CVE-2024-51961 was published Mar 3, 2025

Previous1…3 Next

Previous 1 2 3 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

69 advisories