Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,633
Erlang
34
GitHub Actions
25
Go
2,241
Maven
5,000+
npm
3,902
NuGet
701
pip
3,669
Pub
12
RubyGems
914
Rust
943
Swift
38
Unreviewed advisories
All unreviewed
5,000+

6,712 advisories

Loading
The Avatar plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file... High Unreviewed
CVE-2025-3520 was published Apr 18, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-39568 was published Apr 17, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2025-27299 was published Apr 17, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2025-27283 was published Apr 17, 2025
The WP Editor plugin for WordPress is vulnerable to arbitrary file read in all versions up to,... Moderate Unreviewed
CVE-2025-3295 was published Apr 17, 2025
The WP Editor plugin for WordPress is vulnerable to arbitrary file update due to missing file... High Unreviewed
CVE-2025-3294 was published Apr 17, 2025
PHPGurukul Pre-School Enrollment System is vulnerable to Directory Traversal in manage-teachers.php. High Unreviewed
CVE-2025-28072 was published Apr 16, 2025
A vulnerability classified as problematic was found in misstt123 oasys 1.0. Affected by this... Moderate Unreviewed
CVE-2025-3686 was published Apr 16, 2025
A zip slip vulnerability in the component \service\migrate\MigrateForm.java of JEEWMS v3.7 allows... Moderate Unreviewed
CVE-2025-29213 was published Apr 15, 2025
By crafting a malformed file name for an attachment in a multipart message, an attacker can trick... Moderate Unreviewed
CVE-2025-2830 was published Apr 15, 2025
The vulnerability allows any authenticated user to leak the contents of arbitrary “.m3u8” files... Low Unreviewed
CVE-2025-32943 was published Apr 15, 2025
A vulnerability was found in Yonyou YonBIP MA2.7. It has been declared as problematic. Affected... Moderate Unreviewed
CVE-2025-3562 was published Apr 14, 2025
A vulnerability classified as critical was found in frdel Agent-Zero 0.8.1.2. This vulnerability... Moderate Unreviewed
CVE-2025-3547 was published Apr 14, 2025
mholt/archiver Vulnerable to Path Traversal via Crafted ZIP File High
CVE-2025-3445 was published for github.com/mholt/archiver (Go) Apr 14, 2025
A path handling issue was addressed with improved validation. This issue is fixed in iOS 17 and... Moderate Unreviewed
CVE-2023-42961 was published Apr 11, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-32671 was published Apr 11, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-32631 was published Apr 11, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-32629 was published Apr 11, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-32633 was published Apr 11, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-32587 was published Apr 11, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-32509 was published Apr 11, 2025
The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to Local... Critical Unreviewed
CVE-2025-2636 was published Apr 11, 2025
SurrealDB has local file read of 2-column TSV files via analyzers Low
GHSA-2cvj-g5r5-jrrg was published for surrealdb (Rust) Apr 10, 2025
cure53
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2025-31411 was published Apr 10, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Low Unreviewed
CVE-2025-32205 was published Apr 10, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database