Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,476
Erlang
33
GitHub Actions
24
Go
2,207
Maven
5,000+
npm
3,858
NuGet
696
pip
3,639
Pub
12
RubyGems
913
Rust
918
Swift
38
Unreviewed advisories
All unreviewed
5,000+

6,641 advisories

Loading
go.rgst.io/stencil/v2 vulnerable to Path Traversal Moderate
GHSA-p799-q2pr-6mxj was published for go.rgst.io/stencil/v2 (Go) Mar 29, 2025
A vulnerability, which was classified as problematic, was found in ChestnutCMS up to 1.5.3.... Moderate Unreviewed
CVE-2025-2917 was published Mar 28, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2024-54291 was published Mar 28, 2025
github.com/jaredallard/archives Has Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Moderate
GHSA-j95m-rcjp-q69h was published for github.com/jaredallard/archives (Go) Mar 28, 2025
Improper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in... Moderate Unreviewed
CVE-2025-27716 was published Mar 28, 2025
Improper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in... Low Unreviewed
CVE-2025-27726 was published Mar 28, 2025
The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to... High Unreviewed
CVE-2025-2328 was published Mar 28, 2025
Improper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in... High Unreviewed
CVE-2025-27718 was published Mar 28, 2025
Improper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in... High Unreviewed
CVE-2025-27932 was published Mar 28, 2025
The Kubio AI Page Builder plugin for WordPress is vulnerable to Local File Inclusion in all... Critical Unreviewed
CVE-2025-2294 was published Mar 28, 2025
tar-fs Vulnerable to Link Following and Path Traversal via Extracting a Crafted tar File High
CVE-2024-12905 was published for tar-fs (npm) Mar 27, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-30895 was published Mar 27, 2025
The Product Import Export for WooCommerce – Import Export Product CSV Suite plugin for WordPress... Moderate Unreviewed
CVE-2025-1769 was published Mar 26, 2025
The Jobs for WordPress plugin for WordPress is vulnerable to Directory Traversal in all versions... Moderate Unreviewed
CVE-2025-1310 was published Mar 26, 2025
An issue was discovered in Artifex Ghostscript before 10.05.0. Access to arbitrary files can... Critical Unreviewed
CVE-2025-27837 was published Mar 25, 2025
NASA cFS (Core Flight System) Aquila is vulnerable to path traversal in the OSAL module, allowing... High Unreviewed
CVE-2025-25371 was published Mar 25, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-30567 was published Mar 25, 2025
A vulnerability, which was classified as problematic, has been found in zhijiantianya ruoyi-vue... Moderate Unreviewed
CVE-2025-2743 was published Mar 25, 2025
A vulnerability classified as critical was found in zhijiantianya ruoyi-vue-pro 2.4.1. This... Moderate Unreviewed
CVE-2025-2742 was published Mar 25, 2025
A vulnerability, which was classified as critical, was found in zhijiantianya ruoyi-vue-pro 2.4.1... Moderate Unreviewed
CVE-2025-2744 was published Mar 25, 2025
A vulnerability classified as problematic was found in China Mobile P22g-CIac 1.0.00.488. This... Moderate Unreviewed
CVE-2025-2716 was published Mar 25, 2025
ingress-nginx controller - auth secret file path traversal vulnerability Moderate
CVE-2025-24513 was published for k8s.io/ingress-nginx (Go) Mar 25, 2025
dor-hayun
A vulnerability, which was classified as critical, was found in zhijiantianya ruoyi-vue-pro 2.4.1... Moderate Unreviewed
CVE-2025-2708 was published Mar 24, 2025
A vulnerability, which was classified as critical, has been found in zhijiantianya ruoyi-vue-pro... Moderate Unreviewed
CVE-2025-2707 was published Mar 24, 2025
An authenticated remote code execution in Kentico Xperience allows authenticated users Staging... High Unreviewed
CVE-2025-2749 was published Mar 24, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database