GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 22,979
Composer 4,785
Erlang 36
GitHub Actions 29
Go 2,358
Maven 5,673
npm 3,979
NuGet 720
pip 3,777
Pub 12
RubyGems 924
Rust 981
Swift 38

Unreviewed advisories

All unreviewed 260,739

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,436 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Directory Traversal vulnerability in WebLaudos 24.2 (04) allows a remote attacker to obtain... High Unreviewed

CVE-2025-27956 was published Jun 2, 2025

The Newsletters plugin for WordPress is vulnerable to Local File Inclusion in all versions up to,... High Unreviewed

CVE-2025-4857 was published May 31, 2025

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed

CVE-2025-48273 was published May 23, 2025

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed

CVE-2025-47535 was published May 23, 2025

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed

CVE-2025-47603 was published May 23, 2025

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed

CVE-2025-47492 was published May 23, 2025

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed

CVE-2025-47512 was published May 23, 2025

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed

CVE-2025-31053 was published May 23, 2025

Cloudera Hue Ace Editor Directory Traversal Information Disclosure Vulnerability. This... High Unreviewed

CVE-2025-3884 was published May 22, 2025

Allegra isZipEntryValide Directory Traversal Remote Code Execution Vulnerability. This... High Unreviewed

CVE-2025-3486 was published May 22, 2025

VMware Cloud Foundation contains a directory traversal vulnerability. A malicious actor with... High Unreviewed

CVE-2025-41229 was published May 20, 2025

PNETLab 4.2.10 does not properly sanitize user inputs in its file access mechanisms. This allows... High Unreviewed

CVE-2025-40629 was published May 16, 2025

The File Manager Advanced Shortcode WordPress plugin for WordPress is vulnerable to Local File... High Unreviewed

CVE-2024-13914 was published May 15, 2025

upset-gal-web v7.1.0 /api/music/v1/cover.ts contains an arbitrary file read vulnerabilit High Unreviewed

CVE-2025-28055 was published May 13, 2025

NetAlertX 24.7.18 before 24.10.12 allows unauthenticated file reading because an HTTP client can... High Unreviewed

CVE-2024-48766 was published May 13, 2025

A directory traversal vulnerability was discovered in Pagure server. If a malicious user submits... High Unreviewed

CVE-2024-4982 was published May 12, 2025

The WordPress Review Plugin: The Ultimate Solution for Building a Review Website plugin for... High Unreviewed

CVE-2025-2158 was published May 10, 2025

The WordPress CRM, Email & Marketing Automation for WordPress | Award Winner — Groundhogg plugin... High Unreviewed

CVE-2025-4206 was published May 9, 2025

Absolute Path Traversal vulnerability in AP Page Builder versions prior to 4.0.0 could allow an... High Unreviewed

CVE-2024-6648 was published May 8, 2025

A vulnerability in SMA100 allows a remote authenticated attacker with SSLVPN user privileges can... High Unreviewed

CVE-2025-32820 was published May 7, 2025

Mozilla Firefox's update mechanism allowed a medium-integrity user process to interfere with the... High Unreviewed

CVE-2025-2817 was published Apr 29, 2025

Quick Agent V3 and Quick Agent V2 contain an issue with improper limitation of a pathname to a... High Unreviewed

CVE-2025-27937 was published Apr 28, 2025

The Mayosis Core plugin for WordPress is vulnerable to Arbitrary File Read in all versions up to,... High Unreviewed

CVE-2025-1565 was published Apr 25, 2025

The WPMasterToolKit (WPMTK) – All in one plugin plugin for WordPress is vulnerable to Directory... High Unreviewed

CVE-2025-3300 was published Apr 24, 2025

NVIDIA NeMo Framework contains a vulnerability where an attacker could cause an improper... High Unreviewed

CVE-2025-23250 was published Apr 22, 2025

Previous 1 2 3 4 5 … 97 98 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,436 advisories