Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,891
Erlang
37
GitHub Actions
38
Go
2,550
Maven
5,000+
npm
4,221
NuGet
745
pip
3,998
Pub
12
RubyGems
953
Rust
1,039
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

137 advisories

Loading
HCL Unica Platform is affected by unprotected files due to improper access controls.  These... Moderate Unreviewed
CVE-2025-31996 was published Oct 13, 2025
In the default installation and configuration of Gladinet CentreStack and TrioFox, there is an... Moderate Unreviewed
CVE-2025-11371 was published Oct 9, 2025
A files or directories accessible to external parties vulnerability has been reported to affect... Moderate Unreviewed
CVE-2024-48864 was published Mar 7, 2025
File replacement vulnerability on some devices Impact: Successful exploitation of this... Moderate Unreviewed
CVE-2024-54099 was published Dec 12, 2024
A vulnerability in the command-line interface of EdgeConnect SD-WAN could allow an authenticated... Moderate Unreviewed
CVE-2025-37130 was published Sep 17, 2025
CData API Server MySQL Misconfiguration Information Disclosure Vulnerability. This vulnerability... Moderate Unreviewed
CVE-2025-9273 was published Sep 2, 2025
Files or directories accessible to external parties issue exists in SS1 Ver.16.0.0.10 and earlier... Moderate Unreviewed
CVE-2025-52460 was published Aug 28, 2025
MCCMS 2.7.0 is vulnerable to Arbitrary file deletion in the Backups.php component. This allows an... Moderate Unreviewed
CVE-2025-51818 was published Aug 21, 2025
Dell SmartFabric OS10 Software, versions prior to 10.6.0.5 contains a Files or Directories... Moderate Unreviewed
CVE-2025-30103 was published Jul 30, 2025
The TeleMessage service through 2025-05-05 is based on a JSP application in which the heap... Moderate Unreviewed
CVE-2025-48928 was published May 28, 2025
Unauthorized file access vulnerability in the wallpaper service module. Successful exploitation... Moderate Unreviewed
CVE-2023-52112 was published Jan 16, 2024
The Secure Downloads WordPress plugin before 1.2.3 is vulnerable does not properly restrict which... Moderate Unreviewed
CVE-2024-8031 was published May 15, 2025
A flaw was found in Samba. The smbd service daemon does not pick up group membership changes when... Moderate Unreviewed
CVE-2025-0620 was published Jun 6, 2025
The web portal on airpointer 2.4.107-2 was vulnerable local file inclusion. A malicious user with... Moderate Unreviewed
CVE-2025-4634 was published May 30, 2025
A vulnerability classified as critical was found in SourceCodester Client Database Management... Moderate Unreviewed
CVE-2025-4909 was published May 19, 2025
When creating an OPERATOR user account on the BMC, the redfish plugin saved the auto-generated... Moderate Unreviewed
CVE-2022-3287 was published Sep 29, 2022
Aria Operations for Networks contains a local file read vulnerability. A malicious actor with... Moderate Unreviewed
CVE-2024-22240 was published Feb 6, 2024
A vulnerability, which was classified as problematic, was found in SourceCodester Online Eyewear... Moderate Unreviewed
CVE-2025-2651 was published Mar 23, 2025
A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been rated as... Moderate Unreviewed
CVE-2025-2038 was published Mar 6, 2025
An improper cache key vulnerability was identified in GitHub Enterprise Server that allowed an... Moderate Unreviewed
CVE-2022-23738 was published Nov 1, 2022
The sourceMapURL feature in devtools was missing security checks that would have allowed a... Moderate Unreviewed
CVE-2022-28283 was published Dec 22, 2022
The Download Manager WordPress plugin before 3.3.07 doesn't prevent directory listing on web... Moderate Unreviewed
CVE-2024-13126 was published Mar 16, 2025
WRC-X3200GST3-B v1.25 and earlier, and WRC-G01-W v1.24 and earlier allow a network-adjacent... Moderate Unreviewed
CVE-2024-29225 was published Apr 4, 2024
mndpsingh287 WP File Manager v6.4 and lower fails to restrict external access to the fm_backups... Moderate Unreviewed
CVE-2020-24312 was published May 24, 2022
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302... Moderate Unreviewed
CVE-2025-25267 was published Mar 11, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database