GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,497
Composer 4,963
Erlang 39
GitHub Actions 38
Go 2,615
Maven 6,096
npm 4,255
NuGet 760
pip 4,036
Pub 12
RubyGems 953
Rust 1,049
Swift 45

Unreviewed advisories

All unreviewed 275,677

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

90 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

The Import WP – Export and Import CSV and XML files to WordPress plugin for WordPress is... Moderate Unreviewed

CVE-2025-12137 was published Nov 1, 2025

External Control of File Name or Path vulnerability in opentext Flipper allows Path Traversal. ... Moderate Unreviewed

CVE-2025-8050 was published Oct 21, 2025

External Control of File Name or Path vulnerability in opentext Flipper allows Path Traversal.... Moderate Unreviewed

CVE-2025-8048 was published Oct 20, 2025

External control of file name or path in Windows NTLM allows an unauthorized attacker to perform... Moderate Unreviewed

CVE-2025-24054 was published Mar 11, 2025

NTLM Hash Disclosure Spoofing Vulnerability Moderate Unreviewed

CVE-2024-43451 was published Nov 12, 2024

The Media Library Assistant plugin for WordPress is vulnerable to limited file reading in all... Moderate Unreviewed

CVE-2025-11738 was published Oct 18, 2025

External control of file name or path in Windows Core Shell allows an unauthorized attacker to... Moderate Unreviewed

CVE-2025-59185 was published Oct 14, 2025

External control of file name or path in Windows Core Shell allows an unauthorized attacker to... Moderate Unreviewed

CVE-2025-59244 was published Oct 14, 2025

An authenticated file deletion vulnerability in the Palo Alto Networks PAN-OS® software enables... Moderate Unreviewed

CVE-2025-0124 was published Apr 11, 2025

IBM Watson Query on Cloud Pak for Data 4.0.0 through 4.0.9, 4.5.0 through 4.5.3, 4.6.0 through 4... Moderate Unreviewed

CVE-2024-22341 was published Feb 22, 2025

Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in... Moderate Unreviewed

CVE-2024-47265 was published Feb 13, 2025

A security flaw has been discovered in Campcodes Recruitment Management System 1.0. This impacts... Moderate Unreviewed

CVE-2025-9920 was published Sep 9, 2025

A weakness has been identified in Campcodes Payroll Management System 1.0. The affected element... Moderate Unreviewed

CVE-2025-9529 was published Aug 27, 2025

A vulnerability in the web-based management interface of Cisco Evolved Programmable Network... Moderate Unreviewed

CVE-2025-20269 was published Aug 20, 2025

External control of file name or path in Windows Security App allows an authorized attacker to... Moderate Unreviewed

CVE-2025-53769 was published Aug 12, 2025

External control of file name or path issue exists in RICOH Streamline NX V3 PC Client versions 3... Moderate Unreviewed

CVE-2025-36506 was published Jun 13, 2025

External control of file name or path in Windows Security App allows an authorized attacker to... Moderate Unreviewed

CVE-2025-47956 was published Jun 10, 2025

CloudLinux CageFS 7.0.8-2 or below insufficiently restricts file paths supplied to the sendmail... Moderate Unreviewed

CVE-2020-36772 was published Jan 22, 2024

Kea configuration and API directives can be used to overwrite arbitrary files, subject to... Moderate Unreviewed

CVE-2025-32802 was published May 28, 2025

The eMagicOne Store Manager for WooCommerce plugin for WordPress is vulnerable to Arbitrary File... Moderate Unreviewed

CVE-2025-4602 was published May 24, 2025

External control of file name or path in Microsoft Defender for Endpoint allows an authorized... Moderate Unreviewed

CVE-2025-26684 was published May 13, 2025

Gee-netics, member of AXIS Camera Station Pro Bug Bounty Program, has identified an issue with a... Moderate Unreviewed

CVE-2025-1056 was published Apr 23, 2025

External control of file name or path in Azure Portal Windows Admin Center allows an unauthorized... Moderate Unreviewed

CVE-2025-29819 was published Apr 8, 2025

A vulnerability, which was classified as critical, was found in Legrand SMS PowerView 1.x.... Moderate Unreviewed

CVE-2025-2982 was published Mar 31, 2025

Trend Micro VPN Proxy One Pro, version 5.8.1012 and below is vulnerable to an arbitrary file... Moderate Unreviewed

CVE-2024-36473 was published Jun 11, 2024

Previous1…4 Next

Previous 1 2 3 4 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

90 advisories