GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,641
Composer 5,007
Erlang 39
GitHub Actions 38
Go 2,646
Maven 6,108
npm 4,273
NuGet 760
pip 4,065
Pub 12
RubyGems 957
Rust 1,057
Swift 45

Unreviewed advisories

All unreviewed 277,163

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

7,359 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

IBM AIX 7.2, and 7.3 and IBM VIOS 3.1, and 4.1 NIM server (formerly known as NIM master) service ... High Unreviewed

CVE-2025-36236 was published Nov 14, 2025

The Data Tables Generator by Supsystic plugin for WordPress is vulnerable to arbitrary file... Moderate Unreviewed

CVE-2025-12089 was published Nov 13, 2025

Ozeki SMS Gateway versions up to and including 10.3.208 contain a path traversal vulnerability.... High Unreviewed

CVE-2023-7327 was published Nov 13, 2025

DBLTek GoIP-1 firmware versions up to and including GHSFVT-1.1-67-5 contain a local file... High Unreviewed

CVE-2022-4982 was published Nov 13, 2025

JVC VN-T IP-camera models firmware versions up to 2016-08-22 (confirmed on the VN-T216VPRU model)... High Unreviewed

CVE-2016-15055 was published Nov 13, 2025

Longjing Technology BEMS API versions up to and including 1.21 contains an unauthenticated... High Unreviewed

CVE-2021-4463 was published Nov 13, 2025

N-central < 2025.4 is vulnerable to authentication bypass via path traversal Critical Unreviewed

CVE-2025-11366 was published Nov 12, 2025

CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')... High Unreviewed

CVE-2025-11565 was published Nov 12, 2025

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed

CVE-2025-12382 was published Nov 12, 2025

Improper limitation of a pathname to a restricted directory ('path traversal') in Visual Studio... Moderate Unreviewed

CVE-2025-62449 was published Nov 11, 2025

Improper limitation of a pathname to a restricted directory ('path traversal') in OneDrive for... Moderate Unreviewed

CVE-2025-60722 was published Nov 11, 2025

A local server-side request forgery (SSRF) security issue exists within Studio 5000® Simulation... High Unreviewed

CVE-2025-11696 was published Nov 11, 2025

Due to a Path Traversal vulnerability in SAP Business Connector, an attacker authenticated as an... Moderate Unreviewed

CVE-2025-42894 was published Nov 11, 2025

Due to an Information Disclosure vulnerability in SAP NetWeaver Application Server Java, internal... Moderate Unreviewed

CVE-2025-42919 was published Nov 11, 2025

PacsOne Server version 6.6.2 (prior versions are likely affected) contains a directory traversal... High Unreviewed

CVE-2018-25124 was published Nov 11, 2025

A vulnerability was determined in liweiyi ChestnutCMS up to 1.5.8. This vulnerability affects the... Moderate Unreviewed

CVE-2025-12923 was published Nov 10, 2025

A vulnerability was found in OpenClinica Community Edition up to 3.12.2/3.13. This affects an... Moderate Unreviewed

CVE-2025-12922 was published Nov 10, 2025

The CYAN Backup plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient... Moderate Unreviewed

CVE-2025-12092 was published Nov 8, 2025

The WPFunnels plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient... Moderate Unreviewed

CVE-2025-12000 was published Nov 8, 2025

A Local File Inclusion (LFI) vulnerability has been identified in tQuadra CMS 4.2.1117. The issue... High Unreviewed

CVE-2025-60574 was published Nov 8, 2025

AstrBot has an arbitrary file read vulnerability in function _encode_image_bs64 Moderate

CVE-2025-57697 was published for AstrBot (pip) Nov 7, 2025

AstrBot contains a directory traversal vulnerability High

CVE-2025-57698 was published for AstrBot (pip) Nov 7, 2025

A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker... Moderate Unreviewed

CVE-2025-57712 was published Nov 7, 2025

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed

CVE-2025-7719 was published Nov 7, 2025

Due to insufficient sanitization, an attacker can upload a specially crafted configuration file... High Unreviewed

CVE-2025-62630 was published Nov 7, 2025

Previous1…295 Next

Previous 1 2 3 4 5 … 294 295 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

7,359 advisories