GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
151 advisories
IBM QRadar 7.5.0 through 7.5.0 UP15 Interim Fix 002 could allow a privileged user to upload a...
High | Unreviewed | CVE-2024-56462 was published May 27, 2026

Files or directories accessible to external parties vulnerability in ABB T-MAC Plus. This issue...
High | Unreviewed | CVE-2025-14771 was published Jun 3, 2026

Files or Directories Accessible to External Parties vulnerability in Agito Computer Health4All...
High | Unreviewed | CVE-2024-12917 was published Feb 24, 2025

Files or Directories Accessible to External Parties vulnerability in Saysis Starcities allows...
High | Unreviewed | CVE-2023-1246 was published Mar 10, 2023

An authenticated attacker with the Resource Administrator or Administrator role can modify...
High | Unreviewed | CVE-2026-40631 was published May 13, 2026

A path handling issue was addressed with improved logic. This issue is fixed in macOS Sequoia 15...
High | Unreviewed | CVE-2026-39871 was published May 11, 2026

A vulnerability in the AdminServer component of OpenEdge on all supported platforms grants its...
High | Unreviewed | CVE-2025-7389 was published Apr 14, 2026

The Content Blocks (Custom Post Widget) plugin for WordPress is vulnerable to Local File...
High | Unreviewed | CVE-2024-3564 was published Jun 1, 2024

The Backup Migration plugin for WordPress is vulnerable to unauthorized access of data due to...
High | Unreviewed | CVE-2023-6266 was published Jan 11, 2024

From Panorama Web HMI, an attacker can gain read access to certain Web HMI server files, if he...
High | Unreviewed | CVE-2026-4760 was published Mar 25, 2026

Improper Input Validation, Files or Directories Accessible to External Parties vulnerability in...
High | Unreviewed | CVE-2023-4550 was published Jan 29, 2024

ZKTeco ZKAccess Professional 3.5.3 contains an insecure file permissions vulnerability that...
High | Unreviewed | CVE-2016-20025 was published Mar 16, 2026

MRCMS 3.0 contains an Arbitrary File Read vulnerability in /admin/file/edit.do as the incoming...
High | Unreviewed | CVE-2024-24161 was published Feb 2, 2024

EverSync 0.5 contains an arbitrary file download vulnerability that allows unauthenticated...
High | Unreviewed | CVE-2018-25164 was published Mar 6, 2026

webERP 4.15.1 contains an unauthenticated file access vulnerability that allows remote attackers...
High | Unreviewed | CVE-2020-37082 was published Feb 4, 2026

Arbitrary file deletion vulnerability has been identified in a system function of mobility...
High | Unreviewed | CVE-2025-37168 was published Jan 13, 2026

Microhard Systems IPn4G 1.1.0 contains a configuration file disclosure vulnerability that allows...
High | Unreviewed | CVE-2018-25145 was published Dec 24, 2025

V-SOL GPON/EPON OLT Platform 2.03 contains an unauthenticated information disclosure...
High | Unreviewed | CVE-2019-25239 was published Dec 24, 2025

due to insufficient sanitization in Vega’s `convert()` function when `safeMode` is enabled and...
High | Unreviewed | CVE-2025-14896 was published Dec 18, 2025

A vulnerability exists in Sitecore Experience Manager (XM), Experience Platform (XP), Experience...
High | Unreviewed | CVE-2025-34139 was published Jul 25, 2025

JavaScript pre-processing can be used by the attacker to gain access to the file system (read...
High | Unreviewed | CVE-2023-29450 was published Jul 13, 2023

A vulnerability has been identified in Omnivise T3000 Application Server (All versions >= R9.2),...
High | Unreviewed | CVE-2024-38876 was published Aug 2, 2024

Roundcube Webmail before 1.1.10, 1.2.x before 1.2.7, and 1.3.x before 1.3.3 allows unauthorized...
High | Unreviewed | CVE-2017-16651 was published May 13, 2022

An arbitrary file download vulnerability in the web interface of Juniper Networks Junos Space...
High | Unreviewed | CVE-2025-59976 was published Oct 9, 2025

Elevation of Privileges in the cleaning feature of Gen Digital CCleaner version 6.33.11465 on...
High | Unreviewed | CVE-2025-3025 was published Sep 15, 2025

ProTip! Advisories are also available from the GraphQL API