GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,809
Erlang
36
GitHub Actions
31
Go
2,393
Maven
5,000+
npm
4,026
NuGet
720
pip
3,818
Pub
12
RubyGems
932
Rust
988
Swift
38
Unreviewed advisories
All unreviewed
5,000+
779 advisories
Filter by severity
The Age Gate plugin for WordPress is vulnerable to Local PHP File Inclusion in all versions up to...
Critical
Unreviewed
CVE-2025-2505
was published
Mar 20, 2025
A path traversal vulnerability exists in stitionai/devika, specifically in the project creation...
Critical
Unreviewed
CVE-2024-5752
was published
Mar 20, 2025
AgentScope path traversal vulnerability
Critical
CVE-2024-8537
was published
for
agentscope
(pip)
Mar 20, 2025
AgentScope path traversal vulnerability in save-workflow
Critical
CVE-2024-8551
was published
for
agentscope
(pip)
Mar 20, 2025
Aim path traversal in LockManager.release_locks
Critical
CVE-2024-8769
was published
for
aim
(pip)
Mar 20, 2025
Sunlogin Sunflower Simplified (aka Sunflower Simple and Personal) 1.0.1.43315 is vulnerable to a...
Critical
Unreviewed
CVE-2022-48323
was published
Feb 13, 2023
InvokeAI Arbitrary File Deletion vulnerability
Critical
CVE-2024-11042
was published
for
InvokeAI
(pip)
Mar 20, 2025
DB-GPT Absolute Path Traversal in knowledge/{space_name}/document/upload
Critical
CVE-2024-10833
was published
for
dbgpt
(pip)
Mar 20, 2025
An issue was discovered in Artifex Ghostscript before 10.05.0. Access to arbitrary files can...
Critical
Unreviewed
CVE-2025-27837
was published
Mar 25, 2025
The Kubio AI Page Builder plugin for WordPress is vulnerable to Local File Inclusion in all...
Critical
Unreviewed
CVE-2025-2294
was published
Mar 28, 2025
A path handling issue was addressed with improved validation. This issue is fixed in visionOS 2.4...
Critical
Unreviewed
CVE-2025-30429
was published
Apr 1, 2025
Directory traversal vulnerability in ChinaMobile PLC Wireless Router model GPN2.4P21-C-CN running...
Critical
Unreviewed
CVE-2020-18331
was published
Jan 26, 2023
An issue was discovered in the default configuration of ChinaMobile PLC Wireless Router model...
Critical
Unreviewed
CVE-2020-18330
was published
Jan 26, 2023
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Critical
Unreviewed
CVE-2025-30841
was published
Apr 1, 2025
The vRealize Log Insight contains a Directory Traversal Vulnerability. An unauthenticated,...
Critical
Unreviewed
CVE-2022-31706
was published
Jan 26, 2023
Blogifier does not properly restrict APIs
Critical
CVE-2019-12277
was published
for
Blogifier.Core
(NuGet)
May 24, 2022
The Drag and Drop Multiple File Upload for WooCommerce plugin for WordPress is vulnerable to...
Critical
Unreviewed
CVE-2025-2941
was published
Apr 7, 2025
A vulnerability has been identified in SENTRON 7KT PAC1260 Data Manager (All versions). The web...
Critical
Unreviewed
CVE-2024-41792
was published
Apr 8, 2025
StreamX applications from versions 6.02.01 to 6.04.34 are affected by a logic bug that allows to...
Critical
Unreviewed
CVE-2022-4779
was published
Dec 29, 2022
An issue in OS4ED openSIS v8.0 through v9.1 allows attackers to execute a directory traversal by...
Critical
Unreviewed
CVE-2025-22926
was published
Apr 3, 2025
The InstaWP Connect – 1-click WP Staging & Migration plugin for WordPress is vulnerable to Local...
Critical
Unreviewed
CVE-2025-2636
was published
Apr 11, 2025
Relative Path Traversal vulnerability in ForgeRock Access Management Web Policy Agent allows...
Critical
Unreviewed
CVE-2023-0339
was published
Feb 28, 2023
Relative Path Traversal vulnerability in ForgeRock Access Management Java Policy Agent allows...
Critical
Unreviewed
CVE-2023-0511
was published
Feb 28, 2023
ProTip!
Advisories are also available from the
GraphQL API