GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
336 advisories
Files or directories accessible to external parties vulnerability in ABB T-MAC Plus. This issue...
High | Unreviewed | CVE-2025-14771 was published Jun 3, 2026

The administrator account for the Danelec MacGregor Voyage Data Recorder web interface can...
Moderate | Unreviewed | CVE-2026-40425 was published May 29, 2026

IBM QRadar 7.5.0 through 7.5.0 UP15 Interim Fix 002 could allow a privileged user to upload a...
High | Unreviewed | CVE-2024-56462 was published May 27, 2026

Files or directories accessible to external parties vulnerability in redis-server component in...
Moderate | Unreviewed | CVE-2024-11399 was published May 27, 2026

Files or Directories Accessible to External Parties, Server-Side Request Forgery (SSRF)...
Moderate | Unreviewed | CVE-2026-40564 was published May 26, 2026

Crypt::DSA versions through 1.19 for Perl use 2-args open, allowing existing files to be modified.
Unknown | Unreviewed | CVE-2026-8704 was published May 16, 2026

A vulnerability in SQL Expressions allows an authenticated attacker to read arbitrary files from...
Moderate | Unreviewed | CVE-2026-33380 was published May 13, 2026

An authenticated attacker with the Resource Administrator or Administrator role can modify...
High | Unreviewed | CVE-2026-40631 was published May 13, 2026

A vulnerability exists in iControl SOAP where an authenticated attacker with the Resource...
Moderate | Unreviewed | CVE-2026-42063 was published May 13, 2026

Files or directories accessible to external parties in Microsoft Office Word allows an...
Moderate | Unreviewed | CVE-2026-35440 was published May 12, 2026

Files or directories accessible to external parties in Microsoft Teams allows an unauthorized...
Moderate | Unreviewed | CVE-2026-32185 was published May 12, 2026

The nexent v1.7.5.2 backend service contains an unauthorized arbitrary storage file deletion...
Critical | Unreviewed | CVE-2026-31216 was published May 12, 2026

The nexent v1.7.5.2 backend service contains an unauthorized arbitrary file deletion...
Critical | Unreviewed | CVE-2026-31215 was published May 12, 2026

A path handling issue was addressed with improved logic. This issue is fixed in macOS Sequoia 15...
High | Unreviewed | CVE-2026-39871 was published May 11, 2026

The Magic Export & Import WordPress plugin before 1.2.0 stores exported CSV files at a publicly...
Moderate | Unreviewed | CVE-2026-5335 was published May 4, 2026

A vulnerability in the AdminServer component of OpenEdge on all supported platforms grants its...
High | Unreviewed | CVE-2025-7389 was published Apr 14, 2026

CF Image Hosting Script 1.6.5 allows unauthenticated attackers to download and decode the...
Critical | Unreviewed | CVE-2019-25709 was published Apr 12, 2026

A files or directories accessible to external parties vulnerability in Synology SSL VPN Client...
Moderate | Unreviewed | CVE-2021-47960 was published Apr 10, 2026

Ruckus Access Point products contain an arbitrary file read vulnerability in the command-line...
Moderate | Unreviewed | CVE-2021-4474 was published Mar 26, 2026

From Panorama Web HMI, an attacker can gain read access to certain Web HMI server files, if he...
High | Unreviewed | CVE-2026-4760 was published Mar 25, 2026

ZKTeco ZKAccess Professional 3.5.3 contains an insecure file permissions vulnerability that...
High | Unreviewed | CVE-2016-20025 was published Mar 16, 2026

Local File Inclusion in Contact Plan, E-Mail, SMS and Fax components in Asseco SEE Live 2.0...
Moderate | Unreviewed | CVE-2025-66955 was published Mar 12, 2026

EverSync 0.5 contains an arbitrary file download vulnerability that allows unauthenticated...
High | Unreviewed | CVE-2018-25164 was published Mar 6, 2026

An attacker may perform unauthenticated read and write operations on sensitive filesystem areas...
Critical | Unreviewed | CVE-2026-2331 was published Mar 6, 2026

An attacker may access restricted filesystem areas on the device via the CROWN REST interface due...
Critical | Unreviewed | CVE-2026-2330 was published Mar 6, 2026