Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,809
Erlang
36
GitHub Actions
31
Go
2,393
Maven
5,000+
npm
4,026
NuGet
720
pip
3,818
Pub
12
RubyGems
932
Rust
988
Swift
38
Unreviewed advisories
All unreviewed
5,000+

3,067 advisories

Loading
The JKDEVKIT plugin for WordPress is vulnerable to arbitrary file deletion due to insufficient... High Unreviewed
CVE-2025-2932 was published Jul 3, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-28980 was published Jul 4, 2025
Marvell QConvergeConsole getAppFileBytes Directory Traversal Information Disclosure Vulnerability... High Unreviewed
CVE-2025-6796 was published Jul 7, 2025
Marvell QConvergeConsole deleteAppFile Directory Traversal Arbitrary File Deletion Vulnerability.... High Unreviewed
CVE-2025-6798 was published Jul 7, 2025
Marvell QConvergeConsole decryptFile Directory Traversal Arbitrary File Write Vulnerability. This... High Unreviewed
CVE-2025-6806 was published Jul 7, 2025
Marvell QConvergeConsole getFileUploadBytes Directory Traversal Information Disclosure... High Unreviewed
CVE-2025-6797 was published Jul 7, 2025
Marvell QConvergeConsole getFileUploadBytes Directory Traversal Information Disclosure... High Unreviewed
CVE-2025-6799 was published Jul 7, 2025
Marvell QConvergeConsole compressFirmwareDumpFiles Directory Traversal Information Disclosure... High Unreviewed
CVE-2025-6804 was published Jul 7, 2025
Marvell QConvergeConsole saveNICParamsToFile Directory Traversal Arbitrary File Write... High Unreviewed
CVE-2025-6801 was published Jul 7, 2025
Marvell QConvergeConsole deleteEventLogFile Directory Traversal Arbitrary File Deletion... High Unreviewed
CVE-2025-6805 was published Jul 7, 2025
Marvell QConvergeConsole compressDriverFiles Directory Traversal Information Disclosure... High Unreviewed
CVE-2025-6803 was published Jul 7, 2025
Marvell QConvergeConsole restoreESwitchConfig Directory Traversal Information Disclosure... High Unreviewed
CVE-2025-6800 was published Jul 7, 2025
A remote code execution vulnerability exists in Remote Desktop Services - formerly known as... High Unreviewed
CVE-2019-0887 was published May 24, 2022
LlamaIndex is vulnerable to Path Traversal attack through its ObsidianReader class High
CVE-2025-3046 was published for llama-index-readers-obsidian (pip) Jul 7, 2025
A vulnerability has been identified in SINEC NMS (All versions < V4.0). The affected application... High Unreviewed
CVE-2025-40738 was published Jul 8, 2025
A vulnerability has been identified in SINEC NMS (All versions < V4.0). The affected application... High Unreviewed
CVE-2025-40737 was published Jul 8, 2025
Path Traversal in Action View High
CVE-2019-5418 was published for actionview (RubyGems) Mar 13, 2019
A vulnerability in mintplex-labs/anything-llm prior to version 1.3.1 allows for path traversal... High Unreviewed
CVE-2024-13059 was published Feb 10, 2025
A path traversal vulnerability exists in the Moodle LMS Jmol plugin version 6.1 and prior via the... High Unreviewed
CVE-2025-34031 was published Jun 26, 2025
A directory traversal vulnerability was discovered in White Star Software Protop version 4.4.2... High Unreviewed
CVE-2025-44177 was published Jul 9, 2025
Chall-Manager is vulnerable to Path Traversal when extracting/decoding a zip archive High
CVE-2025-53632 was published for github.com/ctfer-io/chall-manager (Go) Jul 10, 2025
The Application is vulnerable to an authenticated Arbitrary File Deletion. This affects the Agent... High Unreviewed
CVE-2024-26292 was published Jul 14, 2025
A path traversal vulnerability exists in the 'document uploads manager' feature of mintplex-labs... High Unreviewed
CVE-2024-10513 was published Mar 20, 2025
A path traversal vulnerability in the file_upload-cgi CGI program of Zyxel NWA50AX PRO firmware... High Unreviewed
CVE-2025-6265 was published Jul 15, 2025
The Counter live visitors for WooCommerce plugin for WordPress is vulnerable to arbitrary file... High Unreviewed
CVE-2025-7359 was published Jul 16, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database