GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
606 advisories
An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0. An attacker can upload...
Critical
Unreviewed
CVE-2022-41352 was published Sep 27, 2022
The MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution plugin for WordPress...
Critical
Unreviewed
CVE-2025-0493 was published Jan 31, 2025
The snapshot_path parameter in the /api/get-browser-snapshot endpoint in stitionai devika v1 is...
Critical
Unreviewed
CVE-2024-40422 was published Jul 24, 2024
Zimbra Collaboration Suite (ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP...
Critical
Unreviewed
CVE-2022-37042 was published Aug 13, 2022
The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. A...
Critical
Unreviewed
CVE-2021-22005 was published May 24, 2022
The Bootstrap Ultimate theme for WordPress is vulnerable to Local File Inclusion in all versions...
Critical
Unreviewed
CVE-2024-13545 was published Jan 24, 2025
The functionality for file download in HGiga OAKlouds' certain modules contains an Arbitrary File...
Critical
Unreviewed
CVE-2024-26261 was published Feb 15, 2024
MikroTik RouterOS through 6.42 allows unauthenticated remote attackers to read arbitrary files...
Critical
Unreviewed
CVE-2018-14847 was published May 14, 2022
A relative path traversal vulnerability (CWE-23) in FortiWAN version 4.5.7 and below, 4.4 all...
Critical
Unreviewed
CVE-2021-26102 was published Dec 19, 2024
The File Manager and File Manager Pro plugins for WordPress are vulnerable to Directory Traversal...
Critical
Unreviewed
CVE-2023-6825 was published Mar 13, 2024
An issue in Jeewms v.3.7 and before allows a remote attacker to escalate privileges via the...
Critical
Unreviewed
CVE-2024-27764 was published Mar 6, 2024
In Veritas NetBackup before 8.1.2 and NetBackup Appliance before 3.1.2, the BPCD process...
Critical
Unreviewed
CVE-2024-28222 was published Mar 7, 2024
Multiple directory traversal vulnerabilities exist in the nas.cgi add_dir() functionality of...
Critical
Unreviewed
CVE-2024-39787 was published Jan 14, 2025
Multiple directory traversal vulnerabilities exist in the nas.cgi add_dir() functionality of...
Critical
Unreviewed
CVE-2024-39786 was published Jan 14, 2025
Zoho ManageEngine Access Manager Plus before 4302, Password Manager Pro before 12007, and PAM360...
Critical
Unreviewed
CVE-2022-29081 was published Apr 29, 2022
The Post Grid Master – Custom Post Types, Taxonomies & Ajax Filter Everything with Infinite...
Critical
Unreviewed
CVE-2024-11642 was published Jan 9, 2025
A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300 v3.90. The...
Critical
Unreviewed
CVE-2024-55516 was published Dec 17, 2024
A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300 3.90. The component...
Critical
Unreviewed
CVE-2024-55513 was published Dec 17, 2024
A vulnerability was found in Raisecom MSG1200, MSG2100E, MSG2200, and MSG2300 3.90. The component...
Critical
Unreviewed
CVE-2024-55515 was published Dec 17, 2024
A directory traversal vulnerability in Hewlett Packard Enterprise Insight Remote Support may...
Critical
Unreviewed
CVE-2024-53676 was published Nov 27, 2024
A path handling issue was addressed with improved validation. This issue is fixed in iOS 17.5 and...
Critical
Unreviewed
CVE-2024-27810 was published May 14, 2024
yshopmall V1.0 has an arbitrary file upload vulnerability, which can enable RCE or even take over...
Critical
Unreviewed
CVE-2024-50648 was published Nov 15, 2024
The user avatar upload function in python_book V1.0 has an arbitrary file upload vulnerability.
Critical
Unreviewed
CVE-2024-50649 was published Nov 15, 2024
Absolute path traversal vulnerability in Quick.CMS, version 6.7, the exploitation of which could...
Critical
Unreviewed
CVE-2024-11992 was published Nov 29, 2024
DedeBIZ v6.3.0 was discovered to contain an arbitrary file deletion vulnerability via the...
Critical
Unreviewed
CVE-2024-52771 was published Nov 20, 2024
ProTip! Advisories are also available from the GraphQL API.