Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,873
Erlang
37
GitHub Actions
36
Go
2,519
Maven
5,000+
npm
4,156
NuGet
736
pip
3,956
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

7,192 advisories

Loading
The Assistant for NextGEN Gallery plugin for WordPress is vulnerable to arbitrary directory... High Unreviewed
CVE-2025-7641 was published Aug 15, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2025-54715 was published Aug 14, 2025
Python-Future Module Arbitrary Code Execution via Unintended Import of test.py High
CVE-2025-50817 was published for future (pip) Aug 14, 2025
BarrensZeppelin
UnForm Server Manager versions prior to 10.1.12 expose an unauthenticated file read vulnerability... Critical Unreviewed
CVE-2025-34154 was published Aug 13, 2025
Umbraco CMS versions prior to 4.7.1 are vulnerable to unauthenticated remote code execution via... Critical Unreviewed
CVE-2012-10054 was published Aug 13, 2025
S40 CMS v0.4.2 contains a path traversal vulnerability in its index.php page handler. The p... High Unreviewed
CVE-2011-10009 was published Aug 13, 2025
QuickShare File Server 1.2.1 contains a path traversal vulnerability in its FTP service due to... Critical Unreviewed
CVE-2011-10010 was published Aug 13, 2025
NVIDIA NeMo library for all platforms contains a vulnerability in the model loading component,... High Unreviewed
CVE-2025-23304 was published Aug 13, 2025
A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled... High Unreviewed
CVE-2025-8941 was published Aug 13, 2025
Organization Portal System developed by WellChoose has an Arbitrary File Reading vulnerability,... High Unreviewed
CVE-2025-8912 was published Aug 13, 2025
Organization Portal System developed by WellChoose has an Arbitrary File Reading vulnerability,... High Unreviewed
CVE-2025-8909 was published Aug 13, 2025
Several WordPress plugins using elFinder versions 2.1.64 and prior are vulnerable to Directory... Moderate Unreviewed
CVE-2025-0818 was published Aug 13, 2025
An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability ... Moderate Unreviewed
CVE-2024-52964 was published Aug 12, 2025
Improper authentication in Azure Stack allows an unauthorized attacker to disclose information... High Unreviewed
CVE-2025-53793 was published Aug 12, 2025
Adobe Commerce versions 2.4.9-alpha1, 2.4.8-p1, 2.4.7-p6, 2.4.6-p11, 2.4.5-p13, 2.4.4-p14 and... Moderate Unreviewed
CVE-2025-49559 was published Aug 12, 2025
The Elementor plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to,... Moderate Unreviewed
CVE-2025-8081 was published Aug 12, 2025
Due to directory traversal vulnerability in SAP S/4HANA (Bank Communication Management), an... Moderate Unreviewed
CVE-2025-42946 was published Aug 12, 2025
The WooCommerce Purchase Orders plugin for WordPress is vulnerable to arbitrary file deletion due... High Unreviewed
CVE-2025-5391 was published Aug 12, 2025
Omnissa Workspace ONE UEM contains a Secondary Context Path Traversal Vulnerability. A malicious... High Unreviewed
CVE-2025-25231 was published Aug 11, 2025
TinyScientist has Path Traversal Vulnerability in PDF Review Function (CWE-22) Moderate
CVE-2025-55149 was published for tiny-scientist (pip) Aug 11, 2025
A vulnerability was found in 猫宁i Morning up to bc782730c74ff080494f145cc363a0b4f43f7d3e. It has... Moderate Unreviewed
CVE-2025-8815 was published Aug 10, 2025
A vulnerability, which was classified as critical, has been found in linlinjava litemall up to 1... Moderate Unreviewed
CVE-2025-8753 was published Aug 9, 2025
Zenoss Core 3.x contains a command injection vulnerability in the showDaemonXMLConfig endpoint.... High Unreviewed
CVE-2012-10048 was published Aug 8, 2025
A vulnerability in the NuPoint Unified Messaging (NPM) component of Mitel MiCollab through 9.8... Critical Unreviewed
CVE-2025-52913 was published Aug 8, 2025
In Xerox FreeFlow Core version 8.0.4, an attacker can exploit a Path Traversal vulnerability to... Critical Unreviewed
CVE-2025-8356 was published Aug 8, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database