GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 27,112
Composer 5,317
Erlang 42
GitHub Actions 43
Go 3,153
Maven 6,299
npm 5,105
NuGet 861
pip 4,451
Pub 12
RubyGems 991
Rust 1,179
Swift 50

Unreviewed advisories

All unreviewed 293,208

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

241 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

IntelBras Telefone IP TIP200 and 200 LITE contain an unauthenticated arbitrary file read... High Unreviewed

CVE-2019-25472 was published Mar 11, 2026

External Control of File Name or Path in the Mail feature of Zoom Workplace for Windows before 6... Critical Unreviewed

CVE-2026-30903 was published Mar 11, 2026

A vulnerability has been identified in SICAM SIAPP SDK (All versions < V2.1.7). The affected... Moderate Unreviewed

CVE-2026-25605 was published Mar 10, 2026

A vulnerability has been identified in SICAM SIAPP SDK (All versions < V2.1.7). The affected... High Unreviewed

CVE-2026-25573 was published Mar 10, 2026

External control of file name or path in Windows Kernel allows an authorized attacker to elevate... High Unreviewed

CVE-2026-24287 was published Mar 10, 2026

Dell Unisphere for PowerMax, version(s) 10.2, contain(s) an External Control of File Name or Path... High Unreviewed

CVE-2026-26360 was published Feb 19, 2026

Dell Unisphere for PowerMax, version(s) 10.2, contain(s) an External Control of File Name or Path... High Unreviewed

CVE-2026-26359 was published Feb 19, 2026

Dell Unisphere for PowerMax, version(s) 10.2, contain(s) an External Control of File Name or Path... Moderate Unreviewed

CVE-2026-26361 was published Feb 19, 2026

In Infoblox NIOS through 9.0.7, a High-Privileged User Can Trigger an Arbitrary File Write via... High Unreviewed

CVE-2025-61879 was published Feb 12, 2026

A flaw was found in BusyBox. Incomplete path sanitization in its archive extraction utilities... High Unreviewed

CVE-2026-26157 was published Feb 11, 2026

A flaw was found in BusyBox. This vulnerability allows an attacker to modify files outside of the... High Unreviewed

CVE-2026-26158 was published Feb 11, 2026

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform... Low Unreviewed

CVE-2026-21249 was published Feb 10, 2026

An arbitrary file overwrite vulnerability in the file import process of Comic Book Reader v1.0.95... Moderate Unreviewed

CVE-2025-69621 was published Feb 4, 2026

i-doit Open Source CMDB 1.14.1 contains a file deletion vulnerability in the import module that... High Unreviewed

CVE-2020-37078 was published Feb 4, 2026

webTareas 2.0.p8 contains a file deletion vulnerability in the print_layout.php administration... High Unreviewed

CVE-2020-37080 was published Feb 4, 2026

Hestia Control Panel 1.3.2 contains an arbitrary file write vulnerability that allows... High Unreviewed

CVE-2021-47871 was published Jan 21, 2026

NodeBB Plugin Emoji 3.2.1 contains an arbitrary file write vulnerability that allows... High Unreviewed

CVE-2021-47746 was published Jan 21, 2026

An arbitrary file read vulnerability exists in the encapsulatedDoc functionality of MedDream PACS... Critical Unreviewed

CVE-2025-53912 was published Jan 20, 2026

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform... Moderate Unreviewed

CVE-2026-20925 was published Jan 13, 2026

External control of file name or path in Windows Telephony Service allows an authorized attacker... High Unreviewed

CVE-2026-20931 was published Jan 13, 2026

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform... Moderate Unreviewed

CVE-2026-20872 was published Jan 13, 2026

An External Control of File Name or Path vulnerability in smb4k allowsl ocal users to perform a... High Unreviewed

CVE-2025-66003 was published Jan 8, 2026

The EmailKit plugin for WordPress is vulnerable to Arbitrary File Read via Path Traversal in all... Moderate Unreviewed

CVE-2025-14059 was published Jan 7, 2026

An external control of file name or path vulnerability has been reported to affect HBS 3 Hybrid... High Unreviewed

CVE-2025-62842 was published Jan 2, 2026

The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to... Low Unreviewed

CVE-2025-12654 was published Dec 21, 2025

Previous1…10 Next

Previous 1 2 3 4 5 … 9 10 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

241 advisories