Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,717
Maven
5,000+
npm
4,328
NuGet
761
pip
4,105
Pub
12
RubyGems
958
Rust
1,065
Swift
45
Unreviewed advisories
All unreviewed
5,000+

7,427 advisories

Loading
A vulnerability has been found in Sobey Media Convergence System 2.0/2.1. This vulnerability... Moderate Unreviewed
CVE-2025-14182 was published Dec 7, 2025
The 10Web Booster – Website speed optimization, Cache & Page Speed optimizer plugin for WordPress... Critical Unreviewed
CVE-2025-13377 was published Dec 6, 2025
A security vulnerability has been detected in Rarlab RAR App up to 7.11 Build 127 on Android.... Low Unreviewed
CVE-2025-14111 was published Dec 6, 2025
Warehouse Management System 1.2 contains an authenticated arbitrary file deletion vulnerability.... High Unreviewed
CVE-2025-65879 was published Dec 5, 2025
zdh_web is a data collection, processing, monitoring, scheduling, and management platform. In... High Unreviewed
CVE-2025-65897 was published Dec 5, 2025
The warehouse management system version 1.2 contains an arbitrary file read vulnerability. The... High Unreviewed
CVE-2025-65878 was published Dec 5, 2025
Directory traversal vulnerability in Fanvil x210 V2 2.12.20 allows unauthenticated attackers on... High Unreviewed
CVE-2025-64057 was published Dec 5, 2025
ComposioHQ has a directory traversal vulnerability Moderate
CVE-2025-56427 was published for composio (pip) Dec 4, 2025
Improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-54160 was published Dec 4, 2025
An issue was discovered in the Thermo Fisher Torrent Suite Django application 5.18.1. The ... High Unreviewed
CVE-2025-54307 was published Dec 4, 2025
A vulnerability in portenable cgi allows remote authenticated users to get the status of... High Unreviewed
CVE-2025-29846 was published Dec 4, 2025
A vulnerability in VideoPlayer2 subtitle cgi allows remote authenticated users to read .srt files. Moderate Unreviewed
CVE-2025-29845 was published Dec 4, 2025
A vulnerability in FileStation thumb cgi allows remote authenticated users to read/write image... Moderate Unreviewed
CVE-2025-29843 was published Dec 4, 2025
A vulnerability in FileStation file cgi allows remote authenticated users to read file metadata... Moderate Unreviewed
CVE-2025-29844 was published Dec 4, 2025
alexusmai laravel-file-manager is vulnerable to Directory Traversal via the unzip/extraction functionality High
CVE-2025-65346 was published for alexusmai/laravel-file-manager (Composer) Dec 4, 2025
alexusmai laravel-file-manager is vulnerable to Directory Traversal Low
CVE-2025-65345 was published for alexusmai/laravel-file-manager (Composer) Dec 3, 2025
The Modula Image Gallery plugin for WordPress is vulnerable to arbitrary file deletion due to... High Unreviewed
CVE-2025-13645 was published Dec 3, 2025
A security vulnerability has been detected in Rareprob HD Video Player All Formats App 12.1.372... Moderate Unreviewed
CVE-2025-13876 was published Dec 2, 2025
A weakness has been identified in Yohann0617 oci-helper up to 3.2.4. This issue affects the... Moderate Unreviewed
CVE-2025-13875 was published Dec 2, 2025
Directory traversal vulnerability in SOLIDserver IPAM v8.2.3. This vulnerability allows an... Moderate Unreviewed
CVE-2025-13879 was published Dec 2, 2025
Grav vulnerable to Path traversal / arbitrary YAML write via user creation leading to Account Takeover / System Corruption High
CVE-2025-66295 was published for getgrav/grav (Composer) Dec 2, 2025
NicatAliyevh
Credited to NicatAliyevh
Gin-vue-admin has an arbitrary file deletion vulnerability High
CVE-2025-66410 was published for github.com/flipped-aurora/gin-vue-admin (Go) Dec 2, 2025
Keras Directory Traversal Vulnerability High
CVE-2025-12060 was published for keras (pip) Dec 2, 2025
ready-research
Credited to ready-research
Grav vulnerable to Path Traversal allowing server files backup Moderate
CVE-2025-66302 was published for getgrav/grav (Composer) Dec 2, 2025
abdellah0x0
Credited to abdellah0x0
Grav is vulnerable to Arbitrary File Read High
CVE-2025-66300 was published for getgrav/grav (Composer) Dec 2, 2025
thanayut1750
Credited to thanayut1750
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database