GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,104
Composer 4,884
Erlang 37
GitHub Actions 38
Go 2,546
Maven 5,990
npm 4,205
NuGet 743
pip 3,978
Pub 12
RubyGems 947
Rust 1,034
Swift 39

Unreviewed advisories

All unreviewed 272,275

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

181 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

nncp before 8.12.0 allows path traversal (for reading or writing) during freqing and file saving... Moderate Unreviewed

CVE-2025-60020 was published Sep 24, 2025

The eHRD CTMS developed by Sunnet has an Arbitrary File Reading vulnerability, allowing remote... Moderate Unreviewed

CVE-2025-9570 was published Sep 23, 2025

In JetBrains TeamCity before 2025.07.2 path traversal was possible during project archive upload Moderate Unreviewed

CVE-2025-59456 was published Sep 17, 2025

A path traversal in the Control-M/Agent can lead to a local privilege escalation when an attacker... Critical Unreviewed

CVE-2025-55115 was published Sep 16, 2025

Relative path traversal vulnerability due to improper input validation in Digilent WaveForms that... High Unreviewed

CVE-2025-10203 was published Sep 15, 2025

A Relative Path Traversal vulnerability [CWE-23] in FortiWeb 7.6.0 through 7.6.4, 7.4.0 through 7... Moderate Unreviewed

CVE-2025-53609 was published Sep 9, 2025

IBM Jazz Foundation 7.0.2 through 7.0.2 iFix033, 7.0.3 through 7.0.3 iFix012, and 7.1.0 through 7... Moderate Unreviewed

CVE-2025-25048 was published Sep 4, 2025

The QbiCRMGateway developed by Ai3 has an Arbitrary File Reading vulnerability, allowing... High Unreviewed

CVE-2025-9639 was published Aug 29, 2025

An authorized remote attacker can access files and directories outside the intended web root,... Moderate Unreviewed

CVE-2021-4459 was published Aug 27, 2025

The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2025-8464 was published Aug 16, 2025

Multiple relative path traversal vulnerabilities [CWE-23] in Fortinet FortiMail version 7.6.0... Moderate Unreviewed

CVE-2024-40588 was published Aug 12, 2025

A relative path traversal vulnerability [CWE-23] in FortiSOAR 7.6.0, 7.5.0 through 7.5.1, 7.4 all... Moderate Unreviewed

CVE-2024-48892 was published Aug 12, 2025

Relative path traversal in Windows Kerberos allows an authorized attacker to elevate privileges... High Unreviewed

CVE-2025-53779 was published Aug 12, 2025

A path traversal vulnerability in Vedo Suite 2024.17 allows remote authenticated attackers to... Moderate Unreviewed

CVE-2025-51052 was published Aug 6, 2025

An issue was discovered in Logpoint before 7.6.0. An attacker with operator privileges can... High Unreviewed

CVE-2025-54317 was published Jul 20, 2025

An 'Arbitrary File Deletion' in Samsung DMS(Data Management Server) allows attackers to delete... Moderate Unreviewed

CVE-2025-53082 was published Jul 29, 2025

In JetBrains TeamCity before 2025.07 path traversal was possible via plugin unpacking on Windows High Unreviewed

CVE-2025-54531 was published Jul 28, 2025

A path traversal vulnerability exists in the 'document uploads manager' feature of mintplex-labs... High Unreviewed

CVE-2024-10513 was published Mar 20, 2025

BatchSignCS, a background Windows application developed by WellChoose, has an Arbitrary File... High Unreviewed

CVE-2025-7619 was published Jul 14, 2025

Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code... High Unreviewed

CVE-2025-48817 was published Jul 8, 2025

The iPublish System developed by Jhenggao has an Arbitrary File Reading vulnerability, allowing... High Unreviewed

CVE-2025-7146 was published Jul 8, 2025

Directory traversal vulnerability in the web server in SpecView 2.5 build 853 and earlier allows... Moderate Unreviewed

CVE-2012-5972 was published May 17, 2022

Directory traversal vulnerability in the Runtime Toolkit in CODESYS Runtime System 2.3.x and 2.4... High Unreviewed

CVE-2012-6069 was published May 17, 2022

PBXCoreREST/Controllers/Files/PostController.php in MikoPBX through 2024.1.114 allows uploading a... Critical Unreviewed

CVE-2025-52207 was published Jun 27, 2025

Innoshop through 0.4.1 allows directory traversal via FileManager API endpoints. An authenticated... High Unreviewed

CVE-2025-52922 was published Jun 23, 2025

Previous1…8 Next

Previous 1 2 3 4 5 6 7 8 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

181 advisories