Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,963
Erlang
39
GitHub Actions
38
Go
2,615
Maven
5,000+
npm
4,255
NuGet
760
pip
4,036
Pub
12
RubyGems
953
Rust
1,049
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,710 advisories

Loading
The Zombify plugin for WordPress is vulnerable to Path Traversal in all versions up to, and... Moderate Unreviewed
CVE-2025-8385 was published Oct 31, 2025
Allegra DatabaseBackupBL Directory Traversal Information Disclosure Vulnerability. This... Moderate Unreviewed
CVE-2025-11466 was published Oct 29, 2025
A flaw has been found in OpenWGA 7.11.12 Build 737. This affects an unknown function of the file... Moderate Unreviewed
CVE-2025-12250 was published Oct 27, 2025
A weakness has been identified in givanz Vvveb up to 1.0.7.3. This issue affects the function... Moderate Unreviewed
CVE-2025-12203 was published Oct 27, 2025
Relative path traversal in Knox Enterprise prior to SMR Oct-2025 Release 1 allows local attackers... Moderate Unreviewed
CVE-2025-21048 was published Oct 10, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2025-60217 was published Oct 22, 2025
Affected versions of Atlassian Jira Server and Data Center allow remote attackers to read... Moderate Unreviewed
CVE-2021-26086 was published May 24, 2022
Mitel MiCollab through 9.8 SP2 could allow an authenticated attacker with administrative... Moderate Unreviewed
CVE-2024-55550 was published Dec 10, 2024
SonicWall Email Security version 10.0.9.x contains a vulnerability that allows a post... Moderate Unreviewed
CVE-2021-20023 was published May 24, 2022
** UNSUPPORTED WHEN ASSIGNED ** A vulnerability was found in D-Link DIR-859 1.06B01. It has been... Moderate Unreviewed
CVE-2024-0769 was published Jan 21, 2024
Improper input validation in Citrix ADC and Citrix Gateway versions before 13.0-58.30, 12.1-57.18... Moderate Unreviewed
CVE-2020-8195 was published May 24, 2022
A path traversal vulnerability found in Qlik Sense Enterprise for Windows for versions May 2023... Moderate Unreviewed
CVE-2023-41266 was published Aug 30, 2023
The default server implementation of TIBCO Software Inc.'s TIBCO JasperReports Library, TIBCO... Moderate Unreviewed
CVE-2018-18809 was published May 13, 2022
A vulnerability in the web services interface of Cisco Adaptive Security Appliance (ASA) Software... Moderate Unreviewed
CVE-2020-3452 was published May 24, 2022
A vulnerability in the HTTP/HTTPS service used by J-Web, Web Authentication, Dynamic-VPN (DVPN),... Moderate Unreviewed
CVE-2020-1631 was published May 24, 2022
IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 could allow a remote... Moderate Unreviewed
CVE-2020-4430 was published May 24, 2022
The Snap Creek Duplicator plugin before 1.3.28 for WordPress (and Duplicator Pro before 3.8.7.1)... Moderate Unreviewed
CVE-2020-11738 was published May 24, 2022
In SonicWall SMA100, an unauthenticated Directory Traversal vulnerability in the... Moderate Unreviewed
CVE-2019-7483 was published May 24, 2022
TVT NVMS-1000 devices allow GET /.. Directory Traversal Moderate Unreviewed
CVE-2019-20085 was published May 24, 2022
An Improper Limitation of a Pathname to a Restricted Directory ("Path Traversal") in Fortinet... Moderate Unreviewed
CVE-2018-13379 was published May 24, 2022
SAP CRM, 7.01, 7.02,7.30, 7.31, 7.33, 7.54, allows an attacker to exploit insufficient validation... Moderate Unreviewed
CVE-2018-2380 was published May 14, 2022
A directory traversal vulnerability exists in TMUI that allows an authenticated attacker to... Moderate Unreviewed
CVE-2025-54755 was published Oct 15, 2025
In pfSense CE /usr/local/www/snort/snort_ip_reputation.php, the value of the iplist parameter is... Moderate Unreviewed
CVE-2025-34173 was published Sep 9, 2025
A vulnerability was detected in e107 CMS up to 2.3.3. This impacts an unknown function of the... Moderate Unreviewed
CVE-2025-11941 was published Oct 19, 2025
A vulnerability was determined in ChurchCRM up to 5.18.0. This issue affects some unknown... Moderate Unreviewed
CVE-2025-11939 was published Oct 19, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database