Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,652
Erlang
34
GitHub Actions
26
Go
2,257
Maven
5,000+
npm
3,909
NuGet
704
pip
3,680
Pub
12
RubyGems
915
Rust
943
Swift
38
Unreviewed advisories
All unreviewed
5,000+

6,728 advisories

Loading
The Database Toolset plugin is vulnerable to arbitrary file deletion due to insufficient file... Critical Unreviewed
CVE-2025-3065 was published Apr 24, 2025
The WPMasterToolKit (WPMTK) – All in one plugin plugin for WordPress is vulnerable to Directory... High Unreviewed
CVE-2025-3300 was published Apr 24, 2025
A path traversal vulnerability in Commvault Command Center Innovation Release allows an... Critical Unreviewed
CVE-2025-34028 was published Apr 22, 2025
NVIDIA NeMo Framework contains a vulnerability where an attacker could cause an improper... High Unreviewed
CVE-2025-23250 was published Apr 22, 2025
io.jmix.localfs:jmix-localfs has a Path Traversal in Local File Storage Moderate
CVE-2025-32950 was published for io.jmix.localfs:jmix-localfs (Maven) Apr 22, 2025
shadowsock5
**UNSUPPORTED WHEN ASSIGNED** A path traversal vulnerability in the web management interface of... Moderate Unreviewed
CVE-2025-3577 was published Apr 22, 2025
Traefik has a possible vulnerability with the path matchers High
CVE-2025-32431 was published for github.com/traefik/traefik (Go) Apr 21, 2025
A vulnerability exists in the daemon process of the Yi IOT XY-3820 v6.0.24.10, which exposes a... Critical Unreviewed
CVE-2025-29660 was published Apr 21, 2025
Local File Inclusion (LFI) vulnerability in a Render function of Formulatrix Rock Maker Web (RMW)... Critical Unreviewed
CVE-2025-0632 was published Apr 21, 2025
In Infodraw Media Relay Service (MRS) 7.1.0.0, the MRS web server (on port 12654) allows reading... Moderate Unreviewed
CVE-2025-43928 was published Apr 20, 2025
GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to read... Moderate Unreviewed
CVE-2025-43919 was published Apr 20, 2025
The Download Manager plugin for WordPress is vulnerable to arbitrary file deletion due to... High Unreviewed
CVE-2025-3404 was published Apr 19, 2025
The Avatar plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file... High Unreviewed
CVE-2025-3520 was published Apr 18, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-39568 was published Apr 17, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2025-27283 was published Apr 17, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2025-27299 was published Apr 17, 2025
The WP Editor plugin for WordPress is vulnerable to arbitrary file read in all versions up to,... Moderate Unreviewed
CVE-2025-3295 was published Apr 17, 2025
The WP Editor plugin for WordPress is vulnerable to arbitrary file update due to missing file... High Unreviewed
CVE-2025-3294 was published Apr 17, 2025
PHPGurukul Pre-School Enrollment System is vulnerable to Directory Traversal in manage-teachers.php. High Unreviewed
CVE-2025-28072 was published Apr 16, 2025
A vulnerability classified as problematic was found in misstt123 oasys 1.0. Affected by this... Moderate Unreviewed
CVE-2025-3686 was published Apr 16, 2025
A zip slip vulnerability in the component \service\migrate\MigrateForm.java of JEEWMS v3.7 allows... Moderate Unreviewed
CVE-2025-29213 was published Apr 15, 2025
By crafting a malformed file name for an attachment in a multipart message, an attacker can trick... Moderate Unreviewed
CVE-2025-2830 was published Apr 15, 2025
The vulnerability allows any authenticated user to leak the contents of arbitrary “.m3u8” files... Low Unreviewed
CVE-2025-32943 was published Apr 15, 2025
A vulnerability was found in Yonyou YonBIP MA2.7. It has been declared as problematic. Affected... Moderate Unreviewed
CVE-2025-3562 was published Apr 14, 2025
A vulnerability classified as critical was found in frdel Agent-Zero 0.8.1.2. This vulnerability... Moderate Unreviewed
CVE-2025-3547 was published Apr 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database