Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,876
Erlang
37
GitHub Actions
37
Go
2,526
Maven
5,000+
npm
4,187
NuGet
741
pip
3,968
Pub
12
RubyGems
947
Rust
1,029
Swift
39
Unreviewed advisories
All unreviewed
5,000+

7,211 advisories

Loading
Mattermost Fails to Sanitize Path Traversal Sequences Moderate
CVE-2025-8023 was published for github.com/mattermost/mattermost-server (Go) Aug 21, 2025
The WP Webhooks plugin for WordPress is vulnerable to arbitrary file copy due to missing... Critical Unreviewed
CVE-2025-8895 was published Aug 21, 2025
Mattermost Fails to Validate File Paths Moderate
CVE-2025-36530 was published for github.com/mattermost/mattermost-server (Go) Aug 21, 2025
Group-Office versions prior to 6.8.119 and prior to 25.0.20 provided by Intermesh BV contain a... Moderate Unreviewed
CVE-2025-53505 was published Aug 21, 2025
Sockso Music Host Server versions <= 1.5 are vulnerable to a path traversal flaw that allows... High Unreviewed
CVE-2012-10061 was published Aug 20, 2025
CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')... Moderate Unreviewed
CVE-2025-54927 was published Aug 20, 2025
CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')... High Unreviewed
CVE-2025-54926 was published Aug 20, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-54021 was published Aug 20, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-48158 was published Aug 20, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2025-47650 was published Aug 20, 2025
The Redirection for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file deletion... High Unreviewed
CVE-2025-8141 was published Aug 20, 2025
A Path Traversal vulnerability in AllSky v2023.05.01_04 allows an unauthenticated attacker to... Critical Unreviewed
CVE-2024-44373 was published Aug 19, 2025
Copier's safe template has filesystem write access outside destination path Moderate
CVE-2025-55214 was published for copier (pip) Aug 18, 2025
sisp pawamoy
yajo
Copier's safe template has arbitrary filesystem read/write access High
CVE-2025-55201 was published for copier (pip) Aug 18, 2025
sisp pawamoy
yajo
Spring Framework MVC Applications Path Traversal Vulnerability Moderate
CVE-2025-41242 was published for org.springframework:spring-webmvc (Maven) Aug 18, 2025
The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to Local File... High Unreviewed
CVE-2025-3671 was published Aug 16, 2025
The Assistant for NextGEN Gallery plugin for WordPress is vulnerable to arbitrary directory... High Unreviewed
CVE-2025-7641 was published Aug 15, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2025-54715 was published Aug 14, 2025
Python-Future Module Arbitrary Code Execution via Unintended Import of test.py High
CVE-2025-50817 was published for future (pip) Aug 14, 2025
BarrensZeppelin
UnForm Server Manager versions prior to 10.1.12 expose an unauthenticated file read vulnerability... Critical Unreviewed
CVE-2025-34154 was published Aug 13, 2025
Umbraco CMS versions prior to 4.7.1 are vulnerable to unauthenticated remote code execution via... Critical Unreviewed
CVE-2012-10054 was published Aug 13, 2025
QuickShare File Server 1.2.1 contains a path traversal vulnerability in its FTP service due to... Critical Unreviewed
CVE-2011-10010 was published Aug 13, 2025
S40 CMS v0.4.2 contains a path traversal vulnerability in its index.php page handler. The p... High Unreviewed
CVE-2011-10009 was published Aug 13, 2025
NVIDIA NeMo library for all platforms contains a vulnerability in the model loading component,... High Unreviewed
CVE-2025-23304 was published Aug 13, 2025
A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled... High Unreviewed
CVE-2025-8941 was published Aug 13, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database