Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,743
Erlang
35
GitHub Actions
29
Go
2,315
Maven
5,000+
npm
3,949
NuGet
711
pip
3,729
Pub
12
RubyGems
920
Rust
965
Swift
38
Unreviewed advisories
All unreviewed
5,000+

334 advisories

Loading
YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified Critical Unreviewed
CVE-2025-40908 was published Jun 1, 2025
The web portal on airpointer 2.4.107-2 was vulnerable local file inclusion. A malicious user with... Moderate Unreviewed
CVE-2025-4634 was published May 30, 2025
Markdownify MCP Server allows attackers to read arbitrary files Moderate
CVE-2025-5273 was published for mcp-markdownify-server (npm) May 29, 2025
Lack of file validation in do_update_vps in Avast Business Antivirus for Linux 4.5 on Linux... High Unreviewed
CVE-2025-4134 was published May 28, 2025
An arbitrary file read vulnerability in the ReadTextAsynchronous function of SSCMS v7.3.1 allows... High Unreviewed
CVE-2025-45529 was published May 27, 2025
A vulnerability classified as critical was found in SourceCodester Client Database Management... Moderate Unreviewed
CVE-2025-4909 was published May 19, 2025
A vulnerability was discovered in Pagure server. If a malicious user were to submit a git... High Unreviewed
CVE-2024-4981 was published May 12, 2025
A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges to... High Unreviewed
CVE-2025-32819 was published May 7, 2025
Local File Inclusion vulnerability in Ready's attachment upload panel allows low privileged user... High Unreviewed
CVE-2025-1982 was published Apr 16, 2025
CWE-552: Files or Directories Accessible to External Parties vulnerability over https exists that... High Unreviewed
CVE-2025-2222 was published Apr 9, 2025
A vulnerability, which was classified as problematic, was found in SourceCodester Online Eyewear... Moderate Unreviewed
CVE-2025-2651 was published Mar 23, 2025
The Download Manager WordPress plugin before 3.3.07 doesn't prevent directory listing on web... Moderate Unreviewed
CVE-2024-13126 was published Mar 16, 2025
The ReadFile endpoint of the firmware for Mennekes Smart / Premium Chargingpoints can be abused... High Unreviewed
CVE-2025-22369 was published Mar 11, 2025
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302... High Unreviewed
CVE-2025-25266 was published Mar 11, 2025
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302... Moderate Unreviewed
CVE-2025-25267 was published Mar 11, 2025
A files or directories accessible to external parties vulnerability has been reported to affect... Moderate Unreviewed
CVE-2024-48864 was published Mar 7, 2025
A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been rated as... Moderate Unreviewed
CVE-2025-2038 was published Mar 6, 2025
SeaCMS 13.3 was discovered to contain an arbitrary file read vulnerability in the... Moderate Unreviewed
CVE-2025-25799 was published Mar 6, 2025
Moodle has an arbitrary file read risk through pdfTeX High
CVE-2025-26525 was published for moodle/moodle (Composer) Feb 24, 2025
Files or Directories Accessible to External Parties vulnerability in Agito Computer Health4All... High Unreviewed
CVE-2024-12917 was published Feb 24, 2025
An attacker could obtain firmware files and reverse engineer their intended use leading to loss... Moderate Unreviewed
CVE-2025-23421 was published Feb 14, 2025
In Progress® Telerik® Document Processing Libraries, versions prior to 2025 Q1 (2025.1.205),... High Unreviewed
CVE-2024-11629 was published Feb 12, 2025
An insecure direct object reference vulnerability in GitLab EE affecting all versions from 15.7... Moderate Unreviewed
CVE-2025-1042 was published Feb 12, 2025
Local File Inclusion vulnerability in dhtmlxFileExplorer v.8.4.6 allows a remote attacker to... High Unreviewed
CVE-2024-55214 was published Feb 7, 2025
Directory Traversal vulnerability in dhtmlxFileExplorer v.8.4.6 allows a remote attacker to... High Unreviewed
CVE-2024-55213 was published Feb 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database