GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
73 advisories
Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code...
High
Unreviewed
CVE-2025-48817 was published Jul 8, 2025
The iPublish System developed by Jhenggao has an Arbitrary File Reading vulnerability, allowing...
High
Unreviewed
CVE-2025-7146 was published Jul 8, 2025
Innoshop through 0.4.1 allows directory traversal via FileManager API endpoints. An authenticated...
High
Unreviewed
CVE-2025-52922 was published Jun 23, 2025
Sitecore Experience Manager (XM), Experience Platform (XP), and Experience Commerce (XC) versions...
High
Unreviewed
CVE-2025-34510 was published Jun 17, 2025
IBM AIX 7.3 and IBM VIOS 4.1.1 Perl implementation could allow a non-privileged local user to...
High
Unreviewed
CVE-2025-33112 was published Jun 10, 2025
Relative Path Traversal vulnerability in Themewinter Eventin allows Path Traversal. This issue...
High
Unreviewed
CVE-2025-47445 was published May 14, 2025
A vulnerability in the “Certificates and Keys” functionality of the web application of ctrlX OS...
High
Unreviewed
CVE-2025-24350 was published Apr 30, 2025
Ratta SuperNote A6 X2 Nomad before December 2024 allows remote code execution because an...
High
Unreviewed
CVE-2025-32409 was published Apr 8, 2025
The Import Export Suite for CSV and XML Datafeed plugin for WordPress is vulnerable to arbitrary...
High
Unreviewed
CVE-2025-2007 was published Apr 1, 2025
An unauthorized file deletion vulnerability exists in the latest version of the Polyaxon platform...
High
Unreviewed
CVE-2024-9363 was published Mar 20, 2025
A path traversal vulnerability exists in the 'document uploads manager' feature of mintplex-labs...
High
Unreviewed
CVE-2024-10513 was published Mar 20, 2025
The API used to interact with documents in the application contains two endpoints with a flaw...
High
Unreviewed
CVE-2024-54449 was published Mar 14, 2025
The API used to interact with documents in the application contains a flaw that allows an...
High
Unreviewed
CVE-2024-12019 was published Mar 14, 2025
The WP Ghost (Hide My WP Ghost) – Security & Firewall plugin for WordPress is vulnerable to Path...
High
Unreviewed
CVE-2025-2056 was published Mar 14, 2025
NVIDIA Nemo Framework contains a vulnerability where a user could cause a relative path traversal...
High
Unreviewed
CVE-2025-23360 was published Mar 11, 2025
Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code...
High
Unreviewed
CVE-2025-26645 was published Mar 11, 2025
Relative Path Traversal vulnerability in NotFound Delete Comments By Status allows PHP Local File...
High
Unreviewed
CVE-2025-25130 was published Mar 3, 2025
A CWE-23 "Relative Path Traversal" in the file upload mechanism in Q-Free MaxTime less than or...
High
Unreviewed
CVE-2025-26349 was published Feb 12, 2025
Fedora Repository 3.8.1 allows path traversal when extracting uploaded archives ("Zip Slip"). A...
High
Unreviewed
CVE-2025-23011 was published Jan 23, 2025
TenderDocTransfer from Chunghwa Telecom has an Arbitrary File Write vulnerability. The...
High
Unreviewed
CVE-2024-12642 was published Dec 16, 2024
In JetBrains YouTrack before 2024.3.51866 system takeover was possible through path traversal in...
High
Unreviewed
CVE-2024-54154 was published Dec 4, 2024
The DVC from TRCore has a Path Traversal vulnerability, allowing unauthenticated remote attackers...
High
Unreviewed
CVE-2024-11309 was published Nov 18, 2024
The DVC from TRCore has a Path Traversal vulnerability, allowing unauthenticated remote attackers...
High
Unreviewed
CVE-2024-11310 was published Nov 18, 2024
The D-Link DSL6740C modem has a Path Traversal Vulnerability, allowing unauthenticated remote...
High
Unreviewed
CVE-2024-11067 was published Nov 11, 2024
Relative Path Traversal vulnerability in Webangon The Pack Elementor addons allows PHP Local File...
High
Unreviewed
CVE-2024-50453 was published Oct 28, 2024
ProTip! Advisories are also available from the GraphQL API