GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 5,000+
Erlang: 40
GitHub Actions: 38
Go: 2,758
Maven: 5,000+
npm: 4,364
NuGet: 766
pip: 4,132
Pub: 12
RubyGems: 961
Rust: 1,070
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
3,267 advisories
Bludit versions before 3.13.1 contain an authenticated file download vulnerability in the Backup...
High | Unreviewed | CVE-2023-53907 was published Dec 18, 2025

Incorrect access control in the /templates/ component of RiteCMS v3.1.0 allows attackers to...
High | Unreviewed | CVE-2025-67171 was published Dec 17, 2025

A vulnerability exists in NGINX Ingress Controller's nginx.org/rewrite-target annotation...
High | Unreviewed | CVE-2025-14727 was published Dec 17, 2025

@vitejs/plugin-rsc has an Arbitrary File Read via `/__vite_rsc_findSourceMapURL` Endpoint
High | CVE-2025-68155 was published for @vitejs/plugin-rsc (npm) Dec 16, 2025

WebsiteBaker 2.13.3 contains a directory traversal vulnerability that allows authenticated...
High | Unreviewed | CVE-2023-53902 was published Dec 16, 2025

WaveView client allows users to execute restricted set of predefined commands and scripts on the...
High | Unreviewed | CVE-2025-65074 was published Dec 16, 2025

WaveView client allows users to execute restricted set of predefined commands and scripts on the...
High | Unreviewed | CVE-2025-65076 was published Dec 16, 2025

A Zip Slip vulnerability in the import a Project component of iceScrum v7.54 Pro On-prem allows...
High | Unreviewed | CVE-2025-60786 was published Dec 15, 2025

NetSupport Manager < 14.12.0001 contains an arbitrary file write vulnerability in its...
High | Unreviewed | CVE-2025-34181 was published Dec 15, 2025

Weaviate OSS has a Path Traversal Vulnerability via Backup ZipSlip
High | CVE-2025-67818 was published for github.com/weaviate/weaviate (Go) Dec 12, 2025

Weaviate OSS has path traversal vulnerability via the Shard Movement API
High | CVE-2025-67819 was published for github.com/weaviate/weaviate (Go) Dec 12, 2025

The Player Leaderboard plugin for WordPress is vulnerable to Local File Inclusion in all versions...
High | Unreviewed | CVE-2025-12824 was published Dec 12, 2025

xbtitFM 4.1.18 contains a path traversal vulnerability that allows unauthenticated attackers to...
High | Unreviewed | CVE-2024-58312 was published Dec 12, 2025

APC Network Management Card 4 contains a path traversal vulnerability that allows unauthenticated...
High | Unreviewed | CVE-2024-58310 was published Dec 12, 2025

An issue was discovered in cPanel 110 through 132. A directory traversal vulnerability within the...
High | Unreviewed | CVE-2025-66429 was published Dec 11, 2025

SpinetiX Fusion Digital Signage 3.4.8 and lower contains an authenticated path traversal...
High | Unreviewed | CVE-2020-36883 was published Dec 10, 2025

QiHang Media Web Digital Signage 3.0.9 contains an unauthenticated file deletion vulnerability in...
High | Unreviewed | CVE-2020-36898 was published Dec 10, 2025

Eibiz i-Media Server Digital Signage 3.8.0 contains a directory traversal vulnerability that...
High | Unreviewed | CVE-2020-36893 was published Dec 10, 2025

Directory Traversal vulnerability in Fearless Geek Media FearlessCMS v.0.0.2-15 allows a remote...
High | Unreviewed | CVE-2025-56431 was published Dec 10, 2025

Directory Traversal vulnerability in Fearless Geek Media FearlessCMS v.0.0.2-15 allows a remote...
High | Unreviewed | CVE-2025-56430 was published Dec 10, 2025

Barracuda Service Center, as implemented in the RMM solution, in versions prior to 2025.1.1,...
High | Unreviewed | CVE-2025-34395 was published Dec 10, 2025

Gogs vulnerable to a bypass of CVE-2024-55947
High | CVE-2025-8110 was published for gogs.io/gogs (Go) Dec 10, 2025

The Hippoo Mobile App for WooCommerce plugin for WordPress is vulnerable to Path Traversal in all...
High | Unreviewed | CVE-2025-13339 was published Dec 10, 2025

ColdFusion versions 2025.4, 2023.16, 2021.22 and earlier are affected by an Improper Access...
High | Unreviewed | CVE-2025-61811 was published Dec 10, 2025

STVS ProVision 5.9.10 contains a path traversal vulnerability that allows authenticated attackers...
High | Unreviewed | CVE-2021-47724 was published Dec 9, 2025
ProTip! Advisories are also available from the GraphQL API.