GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,851
Erlang: 36
GitHub Actions: 35
Go: 2,480
Maven: 5,000+
npm: 4,098
NuGet: 734
pip: 3,914
Pub: 12
RubyGems: 945
Rust: 1,016
Swift: 39
Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
173 advisories
A weakness has been identified in Campcodes Payroll Management System 1.0. The affected element...
Moderate · Unreviewed · CVE-2025-9529 was published Aug 27, 2025

The Wptobe-memberships plugin for WordPress is vulnerable to arbitrary file deletion due to...
High · Unreviewed · CVE-2025-9048 was published Aug 23, 2025

A vulnerability in the web-based management interface of Cisco Evolved Programmable Network...
Moderate · Unreviewed · CVE-2025-20269 was published Aug 20, 2025

Foxit PDF Reader < 4.3.1.0218 exposes a JavaScript API function, createDataObject(), that allows...
High · Unreviewed · CVE-2011-10030 was published Aug 20, 2025

External control of file name or path in Windows Security App allows an authorized attacker to...
Moderate · Unreviewed · CVE-2025-53769 was published Aug 12, 2025

: External Control of File Name or Path vulnerability in TAGFREE X-Free Uploader XFU allows :...
High · Unreviewed · CVE-2025-29866 was published Aug 7, 2025

The go command may execute unexpected commands when operating in untrusted VCS repositories. This...
High · Unreviewed · CVE-2025-4674 was published Jul 30, 2025

The Alone – Charity Multipurpose Non-profit WordPress Theme theme for WordPress is vulnerable to...
Critical · Unreviewed · CVE-2025-5393 was published Jul 15, 2025

The SureForms – Drag and Drop Form Builder for WordPress plugin for WordPress is vulnerable to...
High · Unreviewed · CVE-2025-6691 was published Jul 9, 2025

External control of file name or path in Windows Storage allows an authorized attacker to perform...
Low · Unreviewed · CVE-2025-49760 was published Jul 8, 2025

The Forminator Forms – Contact Form, Payment Form & Custom Form Builder plugin for WordPress is...
High · Unreviewed · CVE-2025-6463 was published Jul 2, 2025

IBM QRadar SIEM 7.5 through 7.5.0 Update Package 12 could allow a privileged user to modify...
Critical · Unreviewed · CVE-2025-33117 was published Jun 19, 2025

External control of file name or path issue exists in RICOH Streamline NX V3 PC Client versions 3...
Moderate · Unreviewed · CVE-2025-36506 was published Jun 13, 2025

External control of file name or path in Windows Security App allows an authorized attacker to...
Moderate · Unreviewed · CVE-2025-47956 was published Jun 10, 2025

External control of file name or path in WebDAV allows an unauthorized attacker to execute code...
High · Unreviewed · CVE-2025-33053 was published Jun 10, 2025

An external control of file name or path vulnerability in the download file function of Soar...
High · Unreviewed · CVE-2025-48781 was published Jun 6, 2025

An external control of file name or path vulnerability in the delete file function of Soar Cloud...
High · Unreviewed · CVE-2025-48783 was published Jun 6, 2025

Kea configuration and API directives can be used to overwrite arbitrary files, subject to...
Moderate · Unreviewed · CVE-2025-32802 was published May 28, 2025

The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to Arbitrary File...
Moderate · Unreviewed · CVE-2025-4602 was published May 24, 2025

The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to arbitrary file...
Critical · Unreviewed · CVE-2025-4603 was published May 24, 2025

Predictable filename vulnerabilities in ASPECT may expose sensitive information to a potential...
High · Unreviewed · CVE-2024-51553 was published May 22, 2025

File corruption vulnerabilities in ASPECT provide attackers access to overwrite system files if...
High · Unreviewed · CVE-2025-2409 was published May 22, 2025

The WPBot Pro Wordpress Chatbot plugin for WordPress is vulnerable to arbitrary file deletion due...
High · Unreviewed · CVE-2025-3812 was published May 17, 2025

External control of file name or path in Microsoft Defender for Endpoint allows an authorized...
Moderate · Unreviewed · CVE-2025-26684 was published May 13, 2025

The Event Manager, Events Calendar, Tickets, Registrations – Eventin plugin for WordPress is...
High · Unreviewed · CVE-2025-3419 was published May 8, 2025
ProTip! Advisories are also available from the GraphQL API.