GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,603
Composer 5,006
Erlang 39
GitHub Actions 38
Go 2,636
Maven 6,104
npm 4,262
NuGet 760
pip 4,057
Pub 12
RubyGems 956
Rust 1,054
Swift 45

Unreviewed advisories

All unreviewed 276,513

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

198 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

SourceCodester Company Website CMS 1.0 contains a file upload vulnerability via the "Create... Critical Unreviewed

CVE-2025-29708 was published Apr 16, 2025

SourceCodester Company Website CMS 1.0 has a File upload vulnerability via the "Create portfolio"... Critical Unreviewed

CVE-2025-29709 was published Apr 16, 2025

Wallos <= 2.38.2 has a file upload vulnerability in the restore backup function, which allows... Critical Unreviewed

CVE-2024-55371 was published Apr 16, 2025

Wallos <=2.38.2 has a file upload vulnerability in the restore database function, which allows... Critical Unreviewed

CVE-2024-55372 was published Apr 16, 2025

An authenticated file deletion vulnerability in the Palo Alto Networks PAN-OS® software enables... Moderate Unreviewed

CVE-2025-0124 was published Apr 11, 2025

External control of file name or path in Azure Portal Windows Admin Center allows an unauthorized... Moderate Unreviewed

CVE-2025-29819 was published Apr 8, 2025

The ZoomSounds - WordPress Wave Audio Player with Playlist plugin for WordPress is vulnerable to... High Unreviewed

CVE-2025-3431 was published Apr 8, 2025

The Simple WP Events plugin for WordPress is vulnerable to arbitrary file deletion due to... Critical Unreviewed

CVE-2025-2004 was published Apr 8, 2025

After selecting a malicious Windows `.url` shortcut from the local filesystem, an unexpected file... High Unreviewed

CVE-2025-3033 was published Apr 1, 2025

A vulnerability, which was classified as critical, was found in Legrand SMS PowerView 1.x.... Moderate Unreviewed

CVE-2025-2982 was published Mar 31, 2025

The Product Import Export for WooCommerce – Import Export Product CSV Suite plugin for WordPress... Low Unreviewed

CVE-2025-1911 was published Mar 26, 2025

An External Control of File Name or Path vulnerability in the APROL Web Portal used in B&R APROL ... High Unreviewed

CVE-2024-10210 was published Mar 25, 2025

The Export and Import Users and Customers plugin for WordPress is vulnerable to arbitrary file... Low Unreviewed

CVE-2025-1972 was published Mar 22, 2025

The Order Export & Order Import for WooCommerce plugin for WordPress is vulnerable to arbitrary... Low Unreviewed

CVE-2024-13922 was published Mar 20, 2025

eosphoros-ai/DB-GPT version latest is vulnerable to arbitrary file deletion on Windows systems... High Unreviewed

CVE-2025-0452 was published Mar 20, 2025

eosphoros-ai/db-gpt version 0.6.0 contains a vulnerability in the RAG-knowledge endpoint that... Critical Unreviewed

CVE-2024-10834 was published Mar 20, 2025

An arbitrary file deletion vulnerability exists in danny-avila/librechat version v0.7.5-rc2,... High Unreviewed

CVE-2024-10361 was published Mar 20, 2025

An external control of file name or path vulnerability [CWE-73] in FortiClientMac version 7.2.3... High Unreviewed

CVE-2023-45588 was published Mar 14, 2025

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform... Moderate Unreviewed

CVE-2025-24996 was published Mar 11, 2025

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform... Moderate Unreviewed

CVE-2025-24054 was published Mar 11, 2025

The CS Framework plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to,... High Unreviewed

CVE-2024-12036 was published Mar 7, 2025

There is a local file inclusion vulnerability in ArcGIS Server 10.9.1 thru 11.3 that may allow a... High Unreviewed

CVE-2024-51961 was published Mar 3, 2025

The Simple Download Counter plugin for WordPress is vulnerable to Arbitrary File Read in all... Moderate Unreviewed

CVE-2025-1730 was published Mar 1, 2025

The account file upload functionality in Syspass 3.2.x fails to properly handle special... Moderate Unreviewed

CVE-2025-25478 was published Mar 1, 2025

HkCms v2.3.2.240702 was discovered to contain an arbitrary file write vulnerability in the... High Unreviewed

CVE-2025-25761 was published Feb 27, 2025

Previous 1…3…8 Next

Previous 1 2 3 4 5 6 7 8 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

198 advisories