Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,354
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,779
NuGet
681
pip
3,460
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+

2,759 advisories

Loading
A vulnerability classified as critical has been found in CmsEasy 7.7.7.9. This affects the... Moderate Unreviewed
CVE-2025-1106 was published Feb 7, 2025
xml2rfc has file inclusion irregularities Moderate
GHSA-432c-wxpg-m4q3 was published for xml2rfc (pip) Feb 7, 2025
The Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin for WordPress is... Moderate Unreviewed
CVE-2025-0859 was published Feb 6, 2025
IBM App Connect enterprise 12.0.1.0 through 12.0.12.10 and 13.0.1.0 through 13.0.2.1 could allow... Moderate Unreviewed
CVE-2025-0799 was published Feb 6, 2025
Browsershot Local File Inclusion Moderate
CVE-2025-1026 was published for spatie/browsershot (Composer) Feb 5, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Files or... Moderate Unreviewed
CVE-2024-48019 was published Feb 4, 2025
Vitest browser mode serves arbitrary files Moderate
CVE-2025-24963 was published for @vitest/browser (npm) Feb 4, 2025
sapphi-red
S3Proxy allows insecure path traversal in filesystem and filesystem-nio2 storage backends Moderate
CVE-2025-24961 was published for org.gaul:s3proxy (Maven) Feb 3, 2025
xbow-security
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2025-24605 was published Feb 3, 2025
A vulnerability classified as critical was found in CmsEasy 7.7.7.9. This vulnerability affects... Moderate Unreviewed
CVE-2025-0973 was published Feb 3, 2025
The Jupiter X Core plugin for WordPress is vulnerable to Directory Traversal in all versions up... Moderate Unreviewed
CVE-2025-0365 was published Feb 1, 2025
Sante PACS Server DCM File Parsing Directory Traversal Arbitrary File Write Vulnerability. This... Moderate Unreviewed
CVE-2025-0573 was published Jan 30, 2025
Sante PACS Server Web Portal DCM File Parsing Directory Traversal Arbitrary File Write... Moderate Unreviewed
CVE-2025-0572 was published Jan 30, 2025
CRI-O Path Traversal vulnerability Moderate
CVE-2025-0750 was published for github.com/cri-o/cri-o (Go) Jan 28, 2025
A vulnerability has been identified in Node.js, specifically affecting the handling of drive... Moderate Unreviewed
CVE-2025-23084 was published Jan 28, 2025
IBM Cloud Pak System 2.3.3.6, 2.3.3.6 iFix1, 2.3.3.6 iFix2, 2.3.3.7, 2.3.3.7 iFix1, and 2.3.4.0... Moderate Unreviewed
CVE-2023-38012 was published Jan 25, 2025
The Connections Business Directory plugin for WordPress is vulnerable to arbitrary directory... Moderate Unreviewed
CVE-2024-12885 was published Jan 25, 2025
The ABC Notation plugin for WordPress is vulnerable to Path Traversal in all versions up to, and... Moderate Unreviewed
CVE-2024-13550 was published Jan 25, 2025
A vulnerability, which was classified as problematic, has been found in JoeyBling bootplus up to... Moderate Unreviewed
CVE-2025-0703 was published Jan 24, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2025-24611 was published Jan 24, 2025
Arbitrary file upload, deletion and read through header manipulation Moderate Unreviewed
CVE-2024-55926 was published Jan 23, 2025
BigFix Patch Download Plug-ins are affected by path traversal vulnerability. The application... Moderate Unreviewed
CVE-2024-42187 was published Jan 23, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2025-23562 was published Jan 22, 2025
Input validation vulnerability in Qualifio's Wheel of Fortune. This vulnerability could allow an... Moderate Unreviewed
CVE-2025-0614 was published Jan 21, 2025
Input validation vulnerability in Qualifio's Wheel of Fortune. This vulnerability allows an... Moderate Unreviewed
CVE-2025-0615 was published Jan 21, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database