Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,791
Erlang
36
GitHub Actions
29
Go
2,370
Maven
5,000+
npm
3,995
NuGet
720
pip
3,789
Pub
12
RubyGems
927
Rust
984
Swift
38
Unreviewed advisories
All unreviewed
5,000+

6,958 advisories

Loading
The WP User Frontend Pro plugin for WordPress is vulnerable to arbitrary file deletion due to... High Unreviewed
CVE-2025-3055 was published Jun 5, 2025
A vulnerability was found in SoluçõesCoop iSoluçõesWEB up to 20250516. It has been classified as... Moderate Unreviewed
CVE-2025-5714 was published Jun 6, 2025
A path traversal vulnerability has been reported to affect File Station 5. If a remote attacker... High Unreviewed
CVE-2025-33035 was published Jun 6, 2025
Allegra extractFileFromZip Directory Traversal Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2025-3485 was published Jun 6, 2025
A vulnerability has been found in Whistle 2.9.98 and classified as problematic. This... Moderate Unreviewed
CVE-2025-5880 was published Jun 9, 2025
HAX CMS vulnerable to Local File Inclusion via saveOutline API Location Parameter Moderate
CVE-2025-49138 was published for elmsln/haxcms (Composer) Jun 9, 2025
Indigo-10
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-31050 was published Jun 9, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-31635 was published Jun 9, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-39473 was published Jun 9, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2025-47511 was published Jun 9, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-48124 was published Jun 9, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-48130 was published Jun 9, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-48267 was published Jun 9, 2025
SAP NetWeaver Visual Composer contains a Directory Traversal vulnerability caused by insufficient... High Unreviewed
CVE-2025-42977 was published Jun 10, 2025
CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')... Moderate Unreviewed
CVE-2025-5741 was published Jun 10, 2025
CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')... High Unreviewed
CVE-2025-5740 was published Jun 10, 2025
A vulnerability in the APIs of HPE Aruba Networking Private 5G Core could potentially expose... High Unreviewed
CVE-2025-37100 was published Jun 10, 2025
Erxes Path Traversal vulnerability Moderate
CVE-2024-57189 was published for erxes (npm) Jun 10, 2025
Erxes Path Traversal vulnerability High
CVE-2024-57186 was published for erxes (npm) Jun 10, 2025
'.../...//' in Microsoft Office Outlook allows an authorized attacker to execute code locally. High Unreviewed
CVE-2025-47176 was published Jun 10, 2025
A vulnerability has been identified in Mendix Studio Pro 10 (All versions < V10.23.0), Mendix... Moderate Unreviewed
CVE-2025-40592 was published Jun 12, 2025
Salt's file contents overwrite the VirtKey class Moderate
CVE-2025-22241 was published for salt (pip) Jun 13, 2025
Salt allows arbitrary directory creation or file deletion Moderate
CVE-2025-22240 was published for salt (pip) Jun 13, 2025
Salt vulnerable to directory traversal attack in minion file cache creation Moderate
CVE-2025-22238 was published for salt (pip) Jun 13, 2025
Salt vulnerable to directory traversal attack in file receiving method Critical
CVE-2024-38824 was published for salt (pip) Jun 13, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database