GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 27,250
Composer 5,336
Erlang 44
GitHub Actions 43
Go 3,181
Maven 6,302
npm 5,159
NuGet 863
pip 4,474
Pub 12
RubyGems 991
Rust 1,185
Swift 51

Unreviewed advisories

All unreviewed 293,692

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

100 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

IntelBras Telefone IP TIP200 and 200 LITE contain an unauthenticated arbitrary file read... High Unreviewed

CVE-2019-25472 was published Mar 11, 2026

A vulnerability has been identified in SICAM SIAPP SDK (All versions < V2.1.7). The affected... High Unreviewed

CVE-2026-25573 was published Mar 10, 2026

External control of file name or path in Windows Kernel allows an authorized attacker to elevate... High Unreviewed

CVE-2026-24287 was published Mar 10, 2026

Dell Unisphere for PowerMax, version(s) 10.2, contain(s) an External Control of File Name or Path... High Unreviewed

CVE-2026-26360 was published Feb 19, 2026

Dell Unisphere for PowerMax, version(s) 10.2, contain(s) an External Control of File Name or Path... High Unreviewed

CVE-2026-26359 was published Feb 19, 2026

In Infoblox NIOS through 9.0.7, a High-Privileged User Can Trigger an Arbitrary File Write via... High Unreviewed

CVE-2025-61879 was published Feb 12, 2026

A flaw was found in BusyBox. This vulnerability allows an attacker to modify files outside of the... High Unreviewed

CVE-2026-26158 was published Feb 11, 2026

A flaw was found in BusyBox. Incomplete path sanitization in its archive extraction utilities... High Unreviewed

CVE-2026-26157 was published Feb 11, 2026

i-doit Open Source CMDB 1.14.1 contains a file deletion vulnerability in the import module that... High Unreviewed

CVE-2020-37078 was published Feb 4, 2026

webTareas 2.0.p8 contains a file deletion vulnerability in the print_layout.php administration... High Unreviewed

CVE-2020-37080 was published Feb 4, 2026

Hestia Control Panel 1.3.2 contains an arbitrary file write vulnerability that allows... High Unreviewed

CVE-2021-47871 was published Jan 21, 2026

NodeBB Plugin Emoji 3.2.1 contains an arbitrary file write vulnerability that allows... High Unreviewed

CVE-2021-47746 was published Jan 21, 2026

External control of file name or path in Windows Telephony Service allows an authorized attacker... High Unreviewed

CVE-2026-20931 was published Jan 13, 2026

An External Control of File Name or Path vulnerability in smb4k allowsl ocal users to perform a... High Unreviewed

CVE-2025-66003 was published Jan 8, 2026

An external control of file name or path vulnerability has been reported to affect HBS 3 Hybrid... High Unreviewed

CVE-2025-62842 was published Jan 2, 2026

Missing authentication for critical function in Windows Storage VSP Driver allows an authorized... High Unreviewed

CVE-2025-59516 was published Dec 9, 2025

ReQuest Serious Play Media Player 3.0 contains an unauthenticated file disclosure vulnerability... High Unreviewed

CVE-2020-36878 was published Dec 5, 2025

The Cost Calculator Builder plugin for WordPress is vulnerable to arbitrary file deletion due to... High Unreviewed

CVE-2025-12529 was published Dec 2, 2025

Unauthenticated Arbitrary File Deletion (upgrade_contents.php) in DB Electronica... High Unreviewed

CVE-2025-66254 was published Nov 26, 2025

The WP AUDIO GALLERY plugin for WordPress is vulnerable to arbitrary file deletion due to... High Unreviewed

CVE-2025-13322 was published Nov 21, 2025

External control of file name or path in Windows WLAN Service allows an authorized attacker to... High Unreviewed

CVE-2025-59511 was published Nov 11, 2025

The Auto Amazon Links – Amazon Associates Affiliate Plugin plugin for WordPress is vulnerable to... High Unreviewed

CVE-2025-11451 was published Nov 11, 2025

A vulnerability was found in 70mai X200 up to 20251019. This issue affects some unknown... High Unreviewed

CVE-2025-12915 was published Nov 9, 2025

Nagios XI versions prior to 5.7.3 contain a privilege escalation vulnerability in the getprofile... High Unreviewed

CVE-2020-36868 was published Oct 31, 2025

A validation vulnerability exists in an undisclosed URL in the Configuration utility. Note:... High Unreviewed

CVE-2025-59483 was published Oct 15, 2025

Previous1…4 Next

Previous 1 2 3 4 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

100 advisories