Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,968
Erlang
39
GitHub Actions
38
Go
2,616
Maven
5,000+
npm
4,255
NuGet
760
pip
4,040
Pub
12
RubyGems
953
Rust
1,050
Swift
45
Unreviewed advisories
All unreviewed
5,000+

364 advisories

Loading
A vulnerability was discovered in Pagure server. If a malicious user were to submit a git... High Unreviewed
CVE-2024-4981 was published May 12, 2025
A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges to... High Unreviewed
CVE-2025-32819 was published May 7, 2025
The Shariff Wrapper plugin for WordPress is vulnerable to Local File Inclusion in versions up to,... Critical Unreviewed
CVE-2024-4098 was published Jun 20, 2024
Jenkins NUnit Plugin vulnerable to Protection Mechanism Failure Moderate
CVE-2022-43414 was published for org.jenkins-ci.plugins:nunit (Maven) Oct 19, 2022
An improper cache key vulnerability was identified in GitHub Enterprise Server that allowed an... Moderate Unreviewed
CVE-2022-23738 was published Nov 1, 2022
The web portal of Dragino Lora LG01 18ed40 IoT v4.3.4 has the directory listing at the URL https:... High Unreviewed
CVE-2022-45227 was published Dec 12, 2022
Files or directories accessible to external parties vulnerability in picasa.php in Synology Photo... High Unreviewed
CVE-2017-12079 was published May 13, 2022
Intelbras WRN 150 devices allow remote attackers to read the configuration file, and consequently... Critical Unreviewed
CVE-2017-14942 was published May 13, 2022
The sourceMapURL feature in devtools was missing security checks that would have allowed a... Moderate Unreviewed
CVE-2022-28283 was published Dec 22, 2022
Local File Inclusion vulnerability in Ready's attachment upload panel allows low privileged user... High Unreviewed
CVE-2025-1982 was published Apr 16, 2025
In AshPostgres, empty, atomic, non-bulk actions, policy bypass for side-effects vulnerability. Moderate
CVE-2024-49756 was published for ash_postgres (Erlang) Oct 23, 2024
maennchen rapidfsub
zachdaniel
Credited to maennchen, rapidfsub, and zachdaniel
The Download Manager WordPress plugin before 3.3.07 doesn't prevent directory listing on web... Moderate Unreviewed
CVE-2024-13126 was published Mar 16, 2025
CWE-552: Files or Directories Accessible to External Parties vulnerability over https exists that... High Unreviewed
CVE-2025-2222 was published Apr 9, 2025
OpenStack Swift XML external entities (XXE) Injection Moderate
CVE-2022-47950 was published for swift (pip) Jan 18, 2023
Apache Linkis arbitrary file deletion vulnerability High
CVE-2024-27182 was published for org.apache.linkis:linkis (Maven) Aug 2, 2024
WRC-X3200GST3-B v1.25 and earlier, and WRC-G01-W v1.24 and earlier allow a network-adjacent... Moderate Unreviewed
CVE-2024-29225 was published Apr 4, 2024
mndpsingh287 WP File Manager v6.4 and lower fails to restrict external access to the fm_backups... Moderate Unreviewed
CVE-2020-24312 was published May 24, 2022
Apache Linkis DataSource allows arbitrary file reading High
CVE-2023-41916 was published for org.apache.linkis:linkis-datasource (Maven) Jul 15, 2024
The ReadFile endpoint of the firmware for Mennekes Smart / Premium Chargingpoints can be abused... High Unreviewed
CVE-2025-22369 was published Mar 11, 2025
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302... High Unreviewed
CVE-2025-25266 was published Mar 11, 2025
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302... Moderate Unreviewed
CVE-2025-25267 was published Mar 11, 2025
SeaCMS 13.3 was discovered to contain an arbitrary file read vulnerability in the... Moderate Unreviewed
CVE-2025-25799 was published Mar 6, 2025
A directory traversal vulnerability in Hewlett Packard Enterprise Insight Remote Support may... Critical Unreviewed
CVE-2024-53676 was published Nov 27, 2024
Moodle has an arbitrary file read risk through pdfTeX High
CVE-2025-26525 was published for moodle/moodle (Composer) Feb 24, 2025
Files or Directories Accessible to External Parties vulnerability in Agito Computer Health4All... High Unreviewed
CVE-2024-12917 was published Feb 24, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database