Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,651
Maven
5,000+
npm
4,279
NuGet
760
pip
4,066
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,168 advisories

Loading
A security vulnerability has been detected in SimStudioAI sim up to... Moderate Unreviewed
CVE-2025-9801 was published Nov 14, 2025
The Data Tables Generator by Supsystic plugin for WordPress is vulnerable to arbitrary file... Moderate Unreviewed
CVE-2025-12089 was published Nov 13, 2025
Improper limitation of a pathname to a restricted directory ('path traversal') in Visual Studio... Moderate Unreviewed
CVE-2025-62449 was published Nov 11, 2025
Improper limitation of a pathname to a restricted directory ('path traversal') in OneDrive for... Moderate Unreviewed
CVE-2025-60722 was published Nov 11, 2025
Due to a Path Traversal vulnerability in SAP Business Connector, an attacker authenticated as an... Moderate Unreviewed
CVE-2025-42894 was published Nov 11, 2025
Due to an Information Disclosure vulnerability in SAP NetWeaver Application Server Java, internal... Moderate Unreviewed
CVE-2025-42919 was published Nov 11, 2025
A vulnerability was determined in liweiyi ChestnutCMS up to 1.5.8. This vulnerability affects the... Moderate Unreviewed
CVE-2025-12923 was published Nov 10, 2025
A vulnerability was found in OpenClinica Community Edition up to 3.12.2/3.13. This affects an... Moderate Unreviewed
CVE-2025-12922 was published Nov 10, 2025
The CYAN Backup plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient... Moderate Unreviewed
CVE-2025-12092 was published Nov 8, 2025
The WPFunnels plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient... Moderate Unreviewed
CVE-2025-12000 was published Nov 8, 2025
AstrBot has an arbitrary file read vulnerability in function _encode_image_bs64 Moderate
CVE-2025-57697 was published for AstrBot (pip) Nov 7, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2025-7719 was published Nov 7, 2025
A path traversal vulnerability has been reported to affect Qsync Central. If a remote attacker... Moderate Unreviewed
CVE-2025-57712 was published Nov 7, 2025
KubeVirt Arbitrary Container File Read Moderate
CVE-2025-64433 was published for github.com/kubevirt/kubevirt (Go) Nov 6, 2025
mihailkirov Faeris95
Credited to mihailkirov and Faeris95
Advantech WebAccess/VPN versions prior to 1.1.5 contain an absolute path traversal via... Moderate Unreviewed
CVE-2025-34238 was published Nov 6, 2025
Dell Integrated Dell Remote Access Controller 9, 14G versions prior to 7.00.00.181, 15G and 16G... Moderate Unreviewed
CVE-2025-22397 was published Nov 6, 2025
A vulnerability in the web UI of Cisco Unified CCX could allow an authenticated, remote attacker... Moderate Unreviewed
CVE-2025-20374 was published Nov 5, 2025
A parsing issue in the handling of directory paths was addressed with improved path validation.... Moderate Unreviewed
CVE-2025-43382 was published Nov 4, 2025
A security flaw has been discovered in jeecgboot jeewx-boot up to... Moderate Unreviewed
CVE-2025-12626 was published Nov 3, 2025
The Zombify plugin for WordPress is vulnerable to Path Traversal in all versions up to, and... Moderate Unreviewed
CVE-2025-8385 was published Oct 31, 2025
Allegra DatabaseBackupBL Directory Traversal Information Disclosure Vulnerability. This... Moderate Unreviewed
CVE-2025-11466 was published Oct 29, 2025
A flaw has been found in OpenWGA 7.11.12 Build 737. This affects an unknown function of the file... Moderate Unreviewed
CVE-2025-12250 was published Oct 27, 2025
A weakness has been identified in givanz Vvveb up to 1.0.7.3. This issue affects the function... Moderate Unreviewed
CVE-2025-12203 was published Oct 27, 2025
Liferay Portal ComboServlet denial of service via large file combination Moderate
CVE-2025-62254 was published for com.liferay.portal:com.liferay.portal.impl (Maven) Oct 24, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2025-60217 was published Oct 22, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database