GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Filter advisories
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
101
GitHub Actions
54
Go
4,295
Maven
5,000+
npm
5,000+
NuGet
1,029
pip
5,000+
Pub
13
RubyGems
1,107
Rust
1,492
Swift
61
Unreviewed advisories
All unreviewed
5,000+
420 advisories
Filter by severity
Multiple Brother driver installers for Windows contain a privilege escalation vulnerability. If...
High
Unreviewed
CVE-2025-49797
was published
Jun 26, 2025
Gogs allows deletion of internal files which leads to remote command execution
Critical
CVE-2024-56731
was published
for
gogs.io/gogs
(Go)
Jun 24, 2025
A flaw was found in Samba. The smbd service daemon does not pick up group membership changes when...
Moderate
Unreviewed
CVE-2025-0620
was published
Jun 6, 2025
YAML-LibYAML prior to 0.903.0 for Perl uses 2-args open, allowing existing files to be modified
Critical
Unreviewed
CVE-2025-40908
was published
Jun 1, 2025
The web portal on airpointer 2.4.107-2 was vulnerable local file inclusion. A malicious user with...
Moderate
Unreviewed
CVE-2025-4634
was published
May 30, 2025
Markdownify MCP Server allows attackers to read arbitrary files
Moderate
CVE-2025-5273
was published
for
mcp-markdownify-server
(npm)
May 29, 2025
The TeleMessage service through 2025-05-05 is based on a JSP application in which the heap...
Moderate
Unreviewed
CVE-2025-48928
was published
May 28, 2025
Lack of file validation in do_update_vps in Avast Business Antivirus for Linux 4.5 on Linux...
High
Unreviewed
CVE-2025-4134
was published
May 28, 2025
An arbitrary file read vulnerability in the ReadTextAsynchronous function of SSCMS v7.3.1 allows...
High
Unreviewed
CVE-2025-45529
was published
May 27, 2025
A vulnerability classified as critical was found in SourceCodester Client Database Management...
Moderate
Unreviewed
CVE-2025-4909
was published
May 19, 2025
The Secure Downloads WordPress plugin before 1.2.3 is vulnerable does not properly restrict which...
Moderate
Unreviewed
CVE-2024-8031
was published
May 15, 2025
A vulnerability was discovered in Pagure server. If a malicious user were to submit a git...
High
Unreviewed
CVE-2024-4981
was published
May 12, 2025
A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges to...
High
Unreviewed
CVE-2025-32819
was published
May 7, 2025
Local File Inclusion vulnerability in Ready's attachment upload panel allows low privileged user...
High
Unreviewed
CVE-2025-1982
was published
Apr 16, 2025
CWE-552: Files or Directories Accessible to External Parties vulnerability over https exists that...
High
Unreviewed
CVE-2025-2222
was published
Apr 9, 2025
A vulnerability, which was classified as problematic, was found in SourceCodester Online Eyewear...
Moderate
Unreviewed
CVE-2025-2651
was published
Mar 23, 2025
The Download Manager WordPress plugin before 3.3.07 doesn't prevent directory listing on web...
Moderate
Unreviewed
CVE-2024-13126
was published
Mar 16, 2025
The ReadFile endpoint of the firmware for Mennekes Smart / Premium Chargingpoints can be abused...
High
Unreviewed
CVE-2025-22369
was published
Mar 11, 2025
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302...
High
Unreviewed
CVE-2025-25266
was published
Mar 11, 2025
A vulnerability has been identified in Tecnomatix Plant Simulation V2302 (All versions < V2302...
Moderate
Unreviewed
CVE-2025-25267
was published
Mar 11, 2025
A files or directories accessible to external parties vulnerability has been reported to affect...
Moderate
Unreviewed
CVE-2024-48864
was published
Mar 7, 2025
A vulnerability was found in code-projects Blood Bank Management System 1.0. It has been rated as...
Moderate
Unreviewed
CVE-2025-2038
was published
Mar 6, 2025
SeaCMS 13.3 was discovered to contain an arbitrary file read vulnerability in the...
Moderate
Unreviewed
CVE-2025-25799
was published
Mar 6, 2025
Moodle has an arbitrary file read risk through pdfTeX
High
CVE-2025-26525
was published
for
moodle/moodle
(Composer)
Feb 24, 2025
Files or Directories Accessible to External Parties vulnerability in Agito Computer Health4All...
High
Unreviewed
CVE-2024-12917
was published
Feb 24, 2025
ProTip!
Advisories are also available from the
GraphQL API