Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,968
Erlang
39
GitHub Actions
38
Go
2,616
Maven
5,000+
npm
4,255
NuGet
760
pip
4,040
Pub
12
RubyGems
953
Rust
1,050
Swift
45
Unreviewed advisories
All unreviewed
5,000+

93 advisories

Loading
Dell Secure Connect Gateway (SCG) 5.0 Application and Appliance version(s) 5.26.00.00 - 5.30.00... Moderate Unreviewed
CVE-2025-46363 was published Oct 30, 2025
A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4... Moderate Unreviewed
CVE-2025-60023 was published Oct 24, 2025
A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4... Moderate Unreviewed
CVE-2025-59776 was published Oct 24, 2025
IBM Cognos Analytics 11.2.0 through 11.2.4 FP5 is vulnerable to local file inclusion... Moderate Unreviewed
CVE-2024-56340 was published Feb 28, 2025
A vulnerability in the `start_app_server` function of parisneo/lollms-webui V12 (Strawberry)... Moderate Unreviewed
CVE-2024-10019 was published Mar 20, 2025
The Slider Revolution plugin for WordPress is vulnerable to unauthorized access and modification... Moderate Unreviewed
CVE-2025-10249 was published Oct 9, 2025
Directory Traversal in Next.js Moderate
CVE-2020-5284 was published for next (npm) Mar 30, 2020
nncp before 8.12.0 allows path traversal (for reading or writing) during freqing and file saving... Moderate Unreviewed
CVE-2025-60020 was published Sep 24, 2025
The eHRD CTMS developed by Sunnet has an Arbitrary File Reading vulnerability, allowing remote... Moderate Unreviewed
CVE-2025-9570 was published Sep 23, 2025
In JetBrains TeamCity before 2025.07.2 path traversal was possible during project archive upload Moderate Unreviewed
CVE-2025-59456 was published Sep 17, 2025
A Relative Path Traversal vulnerability [CWE-23] in FortiWeb 7.6.0 through 7.6.4, 7.4.0 through 7... Moderate Unreviewed
CVE-2025-53609 was published Sep 9, 2025
IBM Jazz Foundation 7.0.2 through 7.0.2 iFix033, 7.0.3 through 7.0.3 iFix012, and 7.1.0 through 7... Moderate Unreviewed
CVE-2025-25048 was published Sep 4, 2025
An authorized remote attacker can access files and directories outside the intended web root,... Moderate Unreviewed
CVE-2021-4459 was published Aug 27, 2025
The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to... Moderate Unreviewed
CVE-2025-8464 was published Aug 16, 2025
A relative path traversal vulnerability [CWE-23] in FortiSOAR 7.6.0, 7.5.0 through 7.5.1, 7.4 all... Moderate Unreviewed
CVE-2024-48892 was published Aug 12, 2025
Multiple relative path traversal vulnerabilities [CWE-23] in Fortinet FortiMail version 7.6.0... Moderate Unreviewed
CVE-2024-40588 was published Aug 12, 2025
Assemblyline 4 service client vulnerable to Arbitrary Write through path traversal in Client code Moderate
CVE-2025-55013 was published for assemblyline-service-client (pip) Jul 25, 2025
serexp
Credited to serexp
A path traversal vulnerability in Vedo Suite 2024.17 allows remote authenticated attackers to... Moderate Unreviewed
CVE-2025-51052 was published Aug 6, 2025
An 'Arbitrary File Deletion' in Samsung DMS(Data Management Server) allows attackers to delete... Moderate Unreviewed
CVE-2025-53082 was published Jul 29, 2025
Filemanager is vulnerable to Relative Path Traversal through filemanager.php Moderate
CVE-2025-46002 was published for simogeo/filemanager (Composer) Jul 18, 2025
Directory traversal vulnerability in the web server in SpecView 2.5 build 853 and earlier allows... Moderate Unreviewed
CVE-2012-5972 was published May 17, 2022
A vulnerability was found in ZKTeco ZKBio Media 2.0.0_x64_2024-01-29-1028. It has been classified... Moderate Unreviewed
CVE-2024-2318 was published Mar 8, 2024
aerc before 93bec0d allows directory traversal in commands/msgview/open.go because of direct path... Moderate Unreviewed
CVE-2025-49466 was published Jun 5, 2025
All versions of the Medtronic 2090 Carelink Programmer are affected by a directory traversal... Moderate Unreviewed
CVE-2018-5448 was published May 13, 2022
In JetBrains TeamCity before 2025.03.1 improper path validation in loggingPreset parameter was... Moderate Unreviewed
CVE-2025-46433 was published Apr 25, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database