GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,333
Erlang: 31
GitHub Actions: 22
Go: 2,095
Maven: 5,000+
npm: 3,760
NuGet: 678
pip: 3,446
Pub: 12
RubyGems: 892
Rust: 882
Swift: 37

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
5,346 advisories
Local privilege escalation due to incorrect assignment of privileges of temporary files in the...
High | Unreviewed | CVE-2025-0542 was published Jan 25, 2025

IBM Cloud Pak System 2.3.3.6, 2.3.3.6 iFix1, 2.3.3.6 iFix2, 2.3.3.7, 2.3.3.7 iFix1, and 2.3.4.0...
Moderate | Unreviewed | CVE-2023-38012 was published Jan 25, 2025

The ABC Notation plugin for WordPress is vulnerable to Path Traversal in all versions up to, and...
Moderate | Unreviewed | CVE-2024-13550 was published Jan 25, 2025

The Connections Business Directory plugin for WordPress is vulnerable to arbitrary directory...
Moderate | Unreviewed | CVE-2024-12885 was published Jan 25, 2025

A vulnerability, which was classified as problematic, has been found in JoeyBling bootplus up to...
Moderate | Unreviewed | CVE-2025-0703 was published Jan 24, 2025

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Moderate | Unreviewed | CVE-2025-24611 was published Jan 24, 2025

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High | Unreviewed | CVE-2025-23422 was published Jan 24, 2025

The Post Grid, Slider & Carousel Ultimate – with Shortcode, Gutenberg Block & Elementor Widget...
High | Unreviewed | CVE-2024-13409 was published Jan 24, 2025

The Bootstrap Ultimate theme for WordPress is vulnerable to Local File Inclusion in all versions...
Critical | Unreviewed | CVE-2024-13545 was published Jan 24, 2025

Arbitrary file upload, deletion and read through header manipulation
Moderate | Unreviewed | CVE-2024-55926 was published Jan 23, 2025

BigFix Patch Download Plug-ins are affected by path traversal vulnerability. The application...
Moderate | Unreviewed | CVE-2024-42187 was published Jan 23, 2025

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Moderate | Unreviewed | CVE-2025-23562 was published Jan 22, 2025

Input validation vulnerability in Qualifio's Wheel of Fortune. This vulnerability could allow an...
Moderate | Unreviewed | CVE-2025-0614 was published Jan 21, 2025

Input validation vulnerability in Qualifio's Wheel of Fortune. This vulnerability allows an...
Moderate | Unreviewed | CVE-2025-0615 was published Jan 21, 2025

IBM Maximo MXAPIASSET API 7.6.1.3 could allow a remote attacker to traverse directories on the...
Moderate | Unreviewed | CVE-2024-45652 was published Jan 19, 2025

The Eventer plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and...
Moderate | Unreviewed | CVE-2024-10799 was published Jan 17, 2025

IBM InfoSphere Information Server 11.7 could allow a remote attacker to traverse directories on...
Moderate | Unreviewed | CVE-2024-52363 was published Jan 17, 2025

A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet...
Moderate | Unreviewed | CVE-2024-48885 was published Jan 16, 2025

SimpleHelp remote support software v5.5.7 and before is vulnerable to multiple path traversal...
High | Unreviewed | CVE-2024-57727 was published Jan 16, 2025

A path handling issue was addressed with improved logic. This issue is fixed in watchOS 11.1,...
Moderate | Unreviewed | CVE-2024-54535 was published Jan 15, 2025

An unbounded resource search path in Ivanti EPM before the 2024 January-2025 Security Update and...
High | Unreviewed | CVE-2024-13158 was published Jan 14, 2025

Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker...
High | Unreviewed | CVE-2024-13179 was published Jan 14, 2025

Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker...
High | Unreviewed | CVE-2024-13181 was published Jan 14, 2025

Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker...
High | Unreviewed | CVE-2024-13180 was published Jan 14, 2025

A vulnerability has been found in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6...
Moderate | Unreviewed | CVE-2025-0461 was published Jan 14, 2025
ProTip! Advisories are also available from the GraphQL API.