GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,454
Erlang: 33
GitHub Actions: 22
Go: 2,153
Maven: 5,000+
npm: 3,818
NuGet: 693
pip: 3,492
Pub: 12
RubyGems: 902
Rust: 903
Swift: 38

Unreviewed advisories
All unreviewed: 5,000+
6,552 advisories

The Ultimate Video Player WordPress & WooCommerce Plugin plugin for WordPress is vulnerable to...
High | Unreviewed | CVE-2024-10804 was published Mar 7, 2025

The CS Framework plugin for WordPress is vulnerable to arbitrary file deletion due to...
High | Unreviewed | CVE-2024-12035 was published Mar 7, 2025

A vulnerability classified as problematic was found in ChestnutCMS 1.5.2. This vulnerability...
Moderate | Unreviewed | CVE-2025-2032 was published Mar 6, 2025

Smartwares cameras CIP-37210AT and C724IP, as well as others which share the same firmware in...
Moderate | Unreviewed | CVE-2024-13894 was published Mar 6, 2025

The Moving Media Library plugin for WordPress is vulnerable to arbitrary file deletion due to...
Moderate | Unreviewed | CVE-2024-13897 was published Mar 6, 2025

Path traversal may lead to arbitrary file deletion. The score without least privilege principle...
Moderate | Unreviewed | CVE-2025-23416 was published Mar 5, 2025

Path traversal may allow remote code execution using privileged account (requires device admin...
High | Unreviewed | CVE-2025-24494 was published Mar 5, 2025

Path traversal may lead to arbitrary file download. The score without least privilege principle...
Moderate | Unreviewed | CVE-2025-21095 was published Mar 5, 2025

The DesignThemes Core Features plugin for WordPress is vulnerable to unauthorized access of data...
High | Unreviewed | CVE-2024-13471 was published Mar 5, 2025

Improper Limitation of a Pathname to a Restricted Directory in DevTools in Google Chrome on...
High | Unreviewed | CVE-2025-1915 was published Mar 5, 2025

A vulnerability regarding improper limitation of a pathname to a restricted directory ('Path...
Moderate | Unreviewed | CVE-2023-47803 was published Mar 4, 2025

There is a path traversal vulnerability in ESRI ArcGIS Server versions 10.9.1 thru 11.3. ...
Moderate | Unreviewed | CVE-2024-51958 was published Mar 3, 2025

There is a path traversal vulnerability in ESRI ArcGIS Server versions 10.9.1 thru 11.3. ...
Moderate | Unreviewed | CVE-2024-51966 was published Mar 3, 2025

Path Traversal vulnerability in NotFound GPX Viewer allows Path Traversal. This issue affects GPX...
Moderate | Unreviewed | CVE-2025-27274 was published Mar 3, 2025

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Moderate | Unreviewed | CVE-2024-8262 was published Mar 3, 2025

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High | Unreviewed | CVE-2025-25162 was published Mar 3, 2025

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High | Unreviewed | CVE-2025-26540 was published Mar 3, 2025

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High | Unreviewed | CVE-2025-26534 was published Mar 3, 2025

Oxidized Web RANCID migration page allows unauthenticated user to gain control over Linux user account
Critical | CVE-2025-27590 was published for oxidized-web (RubyGems) Mar 3, 2025

The Database Backup and check Tables Automated With Scheduler 2024 plugin for WordPress is...
High | Unreviewed | CVE-2024-13910 was published Mar 1, 2025

IBM Cognos Analytics 11.2.0 through 11.2.4 FP5 and 12.0.0 through 12.0.4 could allow a remote...
Moderate | Unreviewed | CVE-2025-0823 was published Feb 28, 2025

In XIQ-SE before 24.2.11, due to a missing access control check, a path traversal is possible,...
Critical | Unreviewed | CVE-2024-38292 was published Feb 28, 2025

A vulnerability, which was classified as critical, was found in zyx0814 Pichome 2.1.0. This...
Moderate | Unreviewed | CVE-2025-1743 was published Feb 27, 2025

An issue in the component admin_template.php of SUCMS v1.0 allows attackers to execute a...
High | Unreviewed | CVE-2025-25759 was published Feb 27, 2025

IBM EntireX 11.1 could allow an authenticated attacker to traverse directories on the system. An...
Moderate | Unreviewed | CVE-2024-54169 was published Feb 27, 2025

ProTip! Advisories are also available from the GraphQL API.