GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,387
Composer 4,669
Erlang 34
GitHub Actions 26
Go 2,262
Maven 5,521
npm 3,912
NuGet 705
pip 3,681
Pub 12
RubyGems 916
Rust 943
Swift 38

Unreviewed advisories

All unreviewed 253,437

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

5,603 advisories

Filter by severity

Sort by

Least recently updated

Quick Agent V3 and Quick Agent V2 contain an issue with improper limitation of a pathname to a... High Unreviewed

CVE-2025-27937 was published Apr 28, 2025

Quick Agent V3 and Quick Agent V2 contain an issue with improper limitation of a pathname to a... Critical Unreviewed

CVE-2025-26692 was published Apr 28, 2025

An issue in the Printer Manager Systm of Entrust Corp Printer Manager D3.18.4-3 and below allows... Moderate Unreviewed

CVE-2025-28354 was published Apr 25, 2025

The Mayosis Core plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to,... High Unreviewed

CVE-2025-1565 was published Apr 25, 2025

The Database Toolset plugin is vulnerable to arbitrary file deletion due to insufficient file... Critical Unreviewed

CVE-2025-3065 was published Apr 24, 2025

The WPMasterToolKit (WPMTK) – All in one plugin plugin for WordPress is vulnerable to Directory... High Unreviewed

CVE-2025-3300 was published Apr 24, 2025

A path traversal vulnerability in Commvault Command Center Innovation Release allows an... Critical Unreviewed

CVE-2025-34028 was published Apr 22, 2025

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause an improper... High Unreviewed

CVE-2025-23250 was published Apr 22, 2025

**UNSUPPORTED WHEN ASSIGNED** A path traversal vulnerability in the web management interface of... Moderate Unreviewed

CVE-2025-3577 was published Apr 22, 2025

A vulnerability exists in the daemon process of the Yi IOT XY-3820 v6.0.24.10, which exposes a... Critical Unreviewed

CVE-2025-29660 was published Apr 21, 2025

Local File Inclusion (LFI) vulnerability in a Render function of Formulatrix Rock Maker Web (RMW)... Critical Unreviewed

CVE-2025-0632 was published Apr 21, 2025

In Infodraw Media Relay Service (MRS) 7.1.0.0, the MRS web server (on port 12654) allows reading... Moderate Unreviewed

CVE-2025-43928 was published Apr 20, 2025

GNU Mailman 2.1.39, as bundled in cPanel (and WHM), allows unauthenticated attackers to read... Moderate Unreviewed

CVE-2025-43919 was published Apr 20, 2025

The Download Manager plugin for WordPress is vulnerable to arbitrary file deletion due to... High Unreviewed

CVE-2025-3404 was published Apr 19, 2025

The Avatar plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient file... High Unreviewed

CVE-2025-3520 was published Apr 18, 2025

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed

CVE-2025-39568 was published Apr 17, 2025

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed

CVE-2025-27299 was published Apr 17, 2025

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed

CVE-2025-27283 was published Apr 17, 2025

The WP Editor plugin for WordPress is vulnerable to arbitrary file read in all versions up to,... Moderate Unreviewed

CVE-2025-3295 was published Apr 17, 2025

The WP Editor plugin for WordPress is vulnerable to arbitrary file update due to missing file... High Unreviewed

CVE-2025-3294 was published Apr 17, 2025

PHPGurukul Pre-School Enrollment System is vulnerable to Directory Traversal in manage-teachers.php. High Unreviewed

CVE-2025-28072 was published Apr 16, 2025

A vulnerability classified as problematic was found in misstt123 oasys 1.0. Affected by this... Moderate Unreviewed

CVE-2025-3686 was published Apr 16, 2025

A zip slip vulnerability in the component \service\migrate\MigrateForm.java of JEEWMS v3.7 allows... Moderate Unreviewed

CVE-2025-29213 was published Apr 15, 2025

By crafting a malformed file name for an attachment in a multipart message, an attacker can trick... Moderate Unreviewed

CVE-2025-2830 was published Apr 15, 2025

The vulnerability allows any authenticated user to leak the contents of arbitrary “.m3u8” files... Low Unreviewed

CVE-2025-32943 was published Apr 15, 2025

Previous 1 2 3 4 5 … 224 225 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

5,603 advisories