GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,205
Composer 4,894
Erlang 38
GitHub Actions 38
Go 2,552
Maven 6,024
npm 4,224
NuGet 746
pip 3,999
Pub 12
RubyGems 953
Rust 1,041
Swift 45

Unreviewed advisories

All unreviewed 273,131

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

161 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

HCL Unica Platform is affected by unprotected files due to improper access controls. These... Moderate Unreviewed

CVE-2025-31996 was published Oct 13, 2025

In the default installation and configuration of Gladinet CentreStack and TrioFox, there is an... Moderate Unreviewed

CVE-2025-11371 was published Oct 9, 2025

A files or directories accessible to external parties vulnerability has been reported to affect... Moderate Unreviewed

CVE-2024-48864 was published Mar 7, 2025

File replacement vulnerability on some devices Impact: Successful exploitation of this... Moderate Unreviewed

CVE-2024-54099 was published Dec 12, 2024

A vulnerability in the command-line interface of EdgeConnect SD-WAN could allow an authenticated... Moderate Unreviewed

CVE-2025-37130 was published Sep 17, 2025

copyparty: Sharing a single file does not fully restrict access to other files in source folder Moderate

CVE-2025-58753 was published for copyparty (pip) Sep 9, 2025

CData API Server MySQL Misconfiguration Information Disclosure Vulnerability. This vulnerability... Moderate Unreviewed

CVE-2025-9273 was published Sep 2, 2025

Files or directories accessible to external parties issue exists in SS1 Ver.16.0.0.10 and earlier... Moderate Unreviewed

CVE-2025-52460 was published Aug 28, 2025

Liferay Portal's unauthenticated users can access loaded files via URL before submitting the object entry Moderate

CVE-2025-43758 was published for com.liferay:com.liferay.frontend.js.web (Maven) Aug 22, 2025

MCCMS 2.7.0 is vulnerable to Arbitrary file deletion in the Backups.php component. This allows an... Moderate Unreviewed

CVE-2025-51818 was published Aug 21, 2025

Liferay Portal Unauthenticated File Access via URL Moderate

CVE-2025-43749 was published for com.liferay.portal:release.portal.bom (Maven) Aug 20, 2025

Dell SmartFabric OS10 Software, versions prior to 10.6.0.5 contains a Files or Directories... Moderate Unreviewed

CVE-2025-30103 was published Jul 30, 2025

The TeleMessage service through 2025-05-05 is based on a JSP application in which the heap... Moderate Unreviewed

CVE-2025-48928 was published May 28, 2025

Unauthorized file access vulnerability in the wallpaper service module. Successful exploitation... Moderate Unreviewed

CVE-2023-52112 was published Jan 16, 2024

The Secure Downloads WordPress plugin before 1.2.3 is vulnerable does not properly restrict which... Moderate Unreviewed

CVE-2024-8031 was published May 15, 2025

A flaw was found in Samba. The smbd service daemon does not pick up group membership changes when... Moderate Unreviewed

CVE-2025-0620 was published Jun 6, 2025

The web portal on airpointer 2.4.107-2 was vulnerable local file inclusion. A malicious user with... Moderate Unreviewed

CVE-2025-4634 was published May 30, 2025

Markdownify MCP Server allows attackers to read arbitrary files Moderate

CVE-2025-5273 was published for mcp-markdownify-server (npm) May 29, 2025

A vulnerability classified as critical was found in SourceCodester Client Database Management... Moderate Unreviewed

CVE-2025-4909 was published May 19, 2025

When creating an OPERATOR user account on the BMC, the redfish plugin saved the auto-generated... Moderate Unreviewed

CVE-2022-3287 was published Sep 29, 2022

Aria Operations for Networks contains a local file read vulnerability. A malicious actor with... Moderate Unreviewed

CVE-2024-22240 was published Feb 6, 2024

A vulnerability, which was classified as problematic, was found in SourceCodester Online Eyewear... Moderate Unreviewed

CVE-2025-2651 was published Mar 23, 2025

A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been rated as... Moderate Unreviewed

CVE-2025-2038 was published Mar 6, 2025

Jenkins NUnit Plugin vulnerable to Protection Mechanism Failure Moderate

CVE-2022-43414 was published for org.jenkins-ci.plugins:nunit (Maven) Oct 19, 2022

An improper cache key vulnerability was identified in GitHub Enterprise Server that allowed an... Moderate Unreviewed

CVE-2022-23738 was published Nov 1, 2022

Previous1…7 Next

Previous 1 2 3 4 5 6 7 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

161 advisories