GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,094
Composer 4,792
Erlang 36
GitHub Actions 29
Go 2,377
Maven 5,712
npm 4,002
NuGet 720
pip 3,802
Pub 12
RubyGems 927
Rust 984
Swift 38

Unreviewed advisories

All unreviewed 262,147

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

73 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code... High Unreviewed

CVE-2025-48817 was published Jul 8, 2025

The iPublish System developed by Jhenggao has an Arbitrary File Reading vulnerability, allowing... High Unreviewed

CVE-2025-7146 was published Jul 8, 2025

Directory traversal vulnerability in the Runtime Toolkit in CODESYS Runtime System 2.3.x and 2.4... High Unreviewed

CVE-2012-6069 was published May 17, 2022

Innoshop through 0.4.1 allows directory traversal via FileManager API endpoints. An authenticated... High Unreviewed

CVE-2025-52922 was published Jun 23, 2025

Sitecore Experience Manager (XM), Experience Platform (XP), and Experience Commerce (XC) versions... High Unreviewed

CVE-2025-34510 was published Jun 17, 2025

IBM AIX 7.3 and IBM VIOS 4.1.1 Perl implementation could allow a non-privileged local user to... High Unreviewed

CVE-2025-33112 was published Jun 10, 2025

In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions ... High Unreviewed

CVE-2024-27199 was published Mar 4, 2024

Relative Path Traversal vulnerability in Themewinter Eventin allows Path Traversal.This issue... High Unreviewed

CVE-2025-47445 was published May 14, 2025

A vulnerability in the “Certificates and Keys” functionality of the web application of ctrlX OS... High Unreviewed

CVE-2025-24350 was published Apr 30, 2025

A Relative Path Traversal issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The... High Unreviewed

CVE-2017-13996 was published May 13, 2022

Ratta SuperNote A6 X2 Nomad before December 2024 allows remote code execution because an... High Unreviewed

CVE-2025-32409 was published Apr 8, 2025

The Import Export Suite for CSV and XML Datafeed plugin for WordPress is vulnerable to arbitrary... High Unreviewed

CVE-2025-2007 was published Apr 1, 2025

An unauthorized file deletion vulnerability exists in the latest version of the Polyaxon platform... High Unreviewed

CVE-2024-9363 was published Mar 20, 2025

A path traversal vulnerability exists in the 'document uploads manager' feature of mintplex-labs... High Unreviewed

CVE-2024-10513 was published Mar 20, 2025

The API used to interact with documents in the application contains two endpoints with a flaw... High Unreviewed

CVE-2024-54449 was published Mar 14, 2025

The API used to interact with documents in the application contains a flaw that allows an... High Unreviewed

CVE-2024-12019 was published Mar 14, 2025

The WP Ghost (Hide My WP Ghost) – Security & Firewall plugin for WordPress is vulnerable to Path... High Unreviewed

CVE-2025-2056 was published Mar 14, 2025

NVIDIA Nemo Framework contains a vulnerability where a user could cause a relative path traversal... High Unreviewed

CVE-2025-23360 was published Mar 11, 2025

Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code... High Unreviewed

CVE-2025-26645 was published Mar 11, 2025

Unitronics Unistream Unilogic – Versions prior to 1.35.227 - CWE-23: Relative Path Traversal High Unreviewed

CVE-2024-27770 was published Mar 18, 2024

Relative Path Traversal vulnerability in NotFound Delete Comments By Status allows PHP Local File... High Unreviewed

CVE-2025-25130 was published Mar 3, 2025

A CWE-23 "Relative Path Traversal" in the file upload mechanism in Q-Free MaxTime less than or... High Unreviewed

CVE-2025-26349 was published Feb 12, 2025

Dmidecode before 3.5 allows -dump-bin to overwrite a local file. This has security relevance... High Unreviewed

CVE-2023-30630 was published Apr 13, 2023

In JetBrains YouTrack before 2024.3.51866 system takeover was possible through path traversal in... High Unreviewed

CVE-2024-54154 was published Dec 4, 2024

Fedora Repository 3.8.1 allows path traversal when extracting uploaded archives ("Zip Slip"). A... High Unreviewed

CVE-2025-23011 was published Jan 23, 2025

Previous 1 2 3 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

73 advisories