Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,873
Erlang
37
GitHub Actions
36
Go
2,519
Maven
5,000+
npm
4,156
NuGet
736
pip
3,956
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

101 advisories

Loading
esm.sh has File Inclusion issue High
CVE-2025-59341 was published for github.com/esm-dev/esm.sh (Go) Sep 17, 2025
j3ssie
Relative path traversal vulnerability due to improper input validation in Digilent WaveForms that... High Unreviewed
CVE-2025-10203 was published Sep 15, 2025
The QbiCRMGateway developed by Ai3 has an Arbitrary File Reading vulnerability, allowing... High Unreviewed
CVE-2025-9639 was published Aug 29, 2025
Relative path traversal in Windows Kerberos allows an authorized attacker to elevate privileges... High Unreviewed
CVE-2025-53779 was published Aug 12, 2025
An issue was discovered in Logpoint before 7.6.0. An attacker with operator privileges can... High Unreviewed
CVE-2025-54317 was published Jul 20, 2025
In JetBrains TeamCity before 2025.07 path traversal was possible via plugin unpacking on Windows High Unreviewed
CVE-2025-54531 was published Jul 28, 2025
A path traversal vulnerability exists in the 'document uploads manager' feature of mintplex-labs... High Unreviewed
CVE-2024-10513 was published Mar 20, 2025
BatchSignCS, a background Windows application developed by WellChoose, has an Arbitrary File... High Unreviewed
CVE-2025-7619 was published Jul 14, 2025
Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code... High Unreviewed
CVE-2025-48817 was published Jul 8, 2025
The iPublish System developed by Jhenggao has an Arbitrary File Reading vulnerability, allowing... High Unreviewed
CVE-2025-7146 was published Jul 8, 2025
Directory traversal vulnerability in the Runtime Toolkit in CODESYS Runtime System 2.3.x and 2.4... High Unreviewed
CVE-2012-6069 was published May 17, 2022
raspap-webgui has a Directory Traversal vulnerability High
CVE-2025-44163 was published for billz/raspap-webgui (Composer) Jun 27, 2025
AstrBot Has Path Traversal Vulnerability in /api/chat/get_file High
CVE-2025-48957 was published for astrbot (pip) Jun 4, 2025
7resp4ss Soulter
Raven95676
Innoshop through 0.4.1 allows directory traversal via FileManager API endpoints. An authenticated... High Unreviewed
CVE-2025-52922 was published Jun 23, 2025
Sitecore Experience Manager (XM), Experience Platform (XP), and Experience Commerce (XC) versions... High Unreviewed
CVE-2025-34510 was published Jun 17, 2025
IBM AIX 7.3 and IBM VIOS 4.1.1 Perl implementation could allow a non-privileged local user to... High Unreviewed
CVE-2025-33112 was published Jun 10, 2025
In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions ... High Unreviewed
CVE-2024-27199 was published Mar 4, 2024
Relative Path Traversal vulnerability in Themewinter Eventin allows Path Traversal.This issue... High Unreviewed
CVE-2025-47445 was published May 14, 2025
A vulnerability in the “Certificates and Keys” functionality of the web application of ctrlX OS... High Unreviewed
CVE-2025-24350 was published Apr 30, 2025
A Relative Path Traversal issue was discovered in LOYTEC LVIS-3ME versions prior to 6.2.0. The... High Unreviewed
CVE-2017-13996 was published May 13, 2022
Umbraco has a Management API Vulnerability to Path Traversal With Authenticated Users High
CVE-2025-32017 was published for Umbraco.Cms (NuGet) Apr 9, 2025
ggisz
Ratta SuperNote A6 X2 Nomad before December 2024 allows remote code execution because an... High Unreviewed
CVE-2025-32409 was published Apr 8, 2025
Apache Commons VFS Has Relative Path Traversal Vulnerability High
CVE-2025-27553 was published for org.apache.commons:commons-vfs2 (Maven) Mar 23, 2025
The Import Export Suite for CSV and XML Datafeed plugin for WordPress is vulnerable to arbitrary... High Unreviewed
CVE-2025-2007 was published Apr 1, 2025
An unauthorized file deletion vulnerability exists in the latest version of the Polyaxon platform... High Unreviewed
CVE-2024-9363 was published Mar 20, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database