GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,861
Composer 4,778
Erlang 35
GitHub Actions 29
Go 2,332
Maven 5,636
npm 3,966
NuGet 713
pip 3,759
Pub 12
RubyGems 921
Rust 975
Swift 38

Unreviewed advisories

All unreviewed 259,145

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

47 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Improper Handling of Windows ::DATA Alternate Data Stream vulnerability in Tridium Niagara... Moderate Unreviewed

CVE-2025-3941 was published May 22, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2025-48136 was published May 16, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2025-30849 was published Apr 1, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2025-30870 was published Apr 1, 2025

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... Moderate Unreviewed

CVE-2025-24733 was published Jan 24, 2025

Zenitel AlphaWeb XE v11.2.3.10 was discovered to contain a local file inclusion vulnerability via... Moderate Unreviewed

CVE-2024-57785 was published Jan 17, 2025

An insecure direct object reference (IDOR) vulnerability was discovered in PHPGurukul Online... Moderate Unreviewed

CVE-2024-55058 was published Dec 17, 2024

Improper Control of Filename for Include/Require Statement in PHP Program ('PHP Remote File... High Unreviewed

CVE-2024-53739 was published Nov 30, 2024

The Qi Addons For Elementor plugin for WordPress is vulnerable to Remote File Inclusion in all... High Unreviewed

CVE-2024-4887 was published Jun 7, 2024

In the Linux kernel, the following vulnerability has been resolved: ftrace: Do not blindly read... Moderate Unreviewed

CVE-2021-47276 was published May 21, 2024

In the Linux kernel, the following vulnerability has been resolved: IB/mlx5: Fix initializing CQ... High Unreviewed

CVE-2021-47261 was published May 21, 2024

Avast Premium Security Sandbox Protection Link Following Privilege Escalation Vulnerability. This... High Unreviewed

CVE-2023-42125 was published May 3, 2024

D-Link DIR-300 firmware <=REVA1.06 and <=REVB2.06 is vulnerable to File inclusion via /model... Critical Unreviewed

CVE-2023-31814 was published May 23, 2023

Incorrect Access Control issue discoverd in Cloud Disk in ASUS RT-AC68U router firmware version... Critical Unreviewed

CVE-2021-37315 was published Feb 3, 2023

An issue was discovered in Technitium DNS Server through 8.0.2 that allows variant V2 of... Critical Unreviewed

CVE-2022-30258 was published Nov 22, 2022

An issue was discovered in Technitium DNS Server through 8.0.2 that allows variant V1 of... Critical Unreviewed

CVE-2022-30257 was published Nov 22, 2022

Allows a remote user to read files on the camera's OS "GetFileContent.cgi". Reading arbitrary... Moderate Unreviewed

CVE-2022-30621 was published Jul 19, 2022

A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when... High Unreviewed

CVE-2022-27778 was published Jun 3, 2022

The employee management page of Flygo contains an Insecure Direct Object Reference (IDOR)... Moderate Unreviewed

CVE-2021-37215 was published May 24, 2022

The check-in record page of Flygo contains Insecure Direct Object Reference (IDOR) vulnerability.... Moderate Unreviewed

CVE-2021-37213 was published May 24, 2022

Zoho ManageEngine ADSelfService Plus version 6113 and prior is vulnerable to REST API... Critical Unreviewed

CVE-2021-40539 was published May 24, 2022

The bulletin function of Flygo contains Insecure Direct Object Reference (IDOR) vulnerability.... Moderate Unreviewed

CVE-2021-37212 was published May 24, 2022

The employee management page of Flygo contains Insecure Direct Object Reference (IDOR)... High Unreviewed

CVE-2021-37214 was published May 24, 2022

libcurl keeps previously used connections in a connection pool for subsequenttransfers to reuse,... High Unreviewed

CVE-2021-22924 was published May 24, 2022

CSZ CMS 1.2.9 is vulnerable to Arbitrary File Deletion. This occurs in PHP when the unlink()... Critical Unreviewed

CVE-2021-37144 was published May 24, 2022

Previous 1 2 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

47 advisories