GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 27,250
Composer 5,336
Erlang 44
GitHub Actions 43
Go 3,181
Maven 6,302
npm 5,159
NuGet 863
pip 4,474
Pub 12
RubyGems 991
Rust 1,185
Swift 51

Unreviewed advisories

All unreviewed 293,693

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

241 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The Simple WP Events plugin for WordPress is vulnerable to arbitrary file deletion due to... Critical Unreviewed

CVE-2025-2004 was published Apr 8, 2025

After selecting a malicious Windows `.url` shortcut from the local filesystem, an unexpected file... High Unreviewed

CVE-2025-3033 was published Apr 1, 2025

A vulnerability, which was classified as critical, was found in Legrand SMS PowerView 1.x.... Moderate Unreviewed

CVE-2025-2982 was published Mar 31, 2025

The Product Import Export for WooCommerce – Import Export Product CSV Suite plugin for WordPress... Low Unreviewed

CVE-2025-1911 was published Mar 26, 2025

An External Control of File Name or Path vulnerability in the APROL Web Portal used in B&R APROL ... High Unreviewed

CVE-2024-10210 was published Mar 25, 2025

The Export and Import Users and Customers plugin for WordPress is vulnerable to arbitrary file... Low Unreviewed

CVE-2025-1972 was published Mar 22, 2025

The Order Export & Order Import for WooCommerce plugin for WordPress is vulnerable to arbitrary... Low Unreviewed

CVE-2024-13922 was published Mar 20, 2025

eosphoros-ai/DB-GPT version latest is vulnerable to arbitrary file deletion on Windows systems... High Unreviewed

CVE-2025-0452 was published Mar 20, 2025

eosphoros-ai/db-gpt version 0.6.0 contains a vulnerability in the RAG-knowledge endpoint that... Critical Unreviewed

CVE-2024-10834 was published Mar 20, 2025

An arbitrary file deletion vulnerability exists in danny-avila/librechat version v0.7.5-rc2,... High Unreviewed

CVE-2024-10361 was published Mar 20, 2025

An external control of file name or path vulnerability [CWE-73] in FortiClientMac version 7.2.3... High Unreviewed

CVE-2023-45588 was published Mar 14, 2025

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform... Moderate Unreviewed

CVE-2025-24996 was published Mar 11, 2025

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform... Moderate Unreviewed

CVE-2025-24054 was published Mar 11, 2025

The CS Framework plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to,... High Unreviewed

CVE-2024-12036 was published Mar 7, 2025

There is a local file inclusion vulnerability in ArcGIS Server 10.9.1 thru 11.3 that may allow a... High Unreviewed

CVE-2024-51961 was published Mar 3, 2025

The Simple Download Counter plugin for WordPress is vulnerable to Arbitrary File Read in all... Moderate Unreviewed

CVE-2025-1730 was published Mar 1, 2025

The account file upload functionality in Syspass 3.2.x fails to properly handle special... Moderate Unreviewed

CVE-2025-25478 was published Mar 1, 2025

HkCms v2.3.2.240702 was discovered to contain an arbitrary file write vulnerability in the... High Unreviewed

CVE-2025-25761 was published Feb 27, 2025

IBM Watson Query on Cloud Pak for Data 4.0.0 through 4.0.9, 4.5.0 through 4.5.3, 4.6.0 through 4... Moderate Unreviewed

CVE-2024-22341 was published Feb 22, 2025

External control of a file name in Ivanti Connect Secure before version 22.7R2.4 and Ivanti... Critical Unreviewed

CVE-2024-38657 was published Feb 21, 2025

Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in... Moderate Unreviewed

CVE-2024-47265 was published Feb 13, 2025

An unauthenticated file deletion vulnerability in the Palo Alto Networks PAN-OS management web... Moderate Unreviewed

CVE-2025-0109 was published Feb 12, 2025

An authenticated file read vulnerability in the Palo Alto Networks PAN-OS software enables an... High Unreviewed

CVE-2025-0111 was published Feb 12, 2025

NTLM Hash Disclosure Spoofing Vulnerability Moderate Unreviewed

CVE-2025-21377 was published Feb 11, 2025

External control of a file name in Ivanti Connect Secure before version 22.7R2.6 and Ivanti... Moderate Unreviewed

CVE-2024-12058 was published Feb 11, 2025

Previous 1…5…10 Next

Previous 1 2 3 4 5 6 7 8 9 10 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

241 advisories