GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,875
Composer 5,065
Erlang 39
GitHub Actions 38
Go 2,698
Maven 6,138
npm 4,325
NuGet 761
pip 4,099
Pub 12
RubyGems 958
Rust 1,063
Swift 45

Unreviewed advisories

All unreviewed 278,642

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

827 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Marvell QConvergeConsole saveAsText Directory Traversal Remote Code Execution Vulnerability. This... Critical Unreviewed

CVE-2025-6794 was published Jul 7, 2025

MICROSENS NMP Web+ could allow an unauthenticated attacker to overwrite files and execute... Critical Unreviewed

CVE-2025-49153 was published Jun 26, 2025

An arbitrary file upload vulnerability exists in the Zhiyuan OA platform 5.0, 5.1 - 5.6sp1, 6.0 -... Critical Unreviewed

CVE-2025-34040 was published Jun 26, 2025

A path traversal vulnerability exists in multiple models of Selea Targa IP OCR-ANPR cameras,... Critical Unreviewed

CVE-2025-34022 was published Jun 20, 2025

Directory Traversal vulnerability in novel plus before v.5.1.0 allows a remote attacker to... Critical Unreviewed

CVE-2025-45890 was published Jun 20, 2025

Taylored webhook validation vulnerabilities Critical

GHSA-8g98-m4j9-qww5 was published for taylored (npm) Jun 18, 2025

The Image Resizer On The Fly plugin for WordPress is vulnerable to arbitrary file deletion due to... Critical Unreviewed

CVE-2025-6065 was published Jun 14, 2025

OpenC3 COSMOS Vulnerable to Directory Traversal via /script-api/scripts/ endpoint Critical

CVE-2025-28384 was published for openc3-cosmos-tool-iframe (RubyGems) Jun 13, 2025

Path traversal vulnerability exists in RICOH Streamline NX V3 PC Client versions 3.5.0 to 3.242.0... Critical Unreviewed

CVE-2025-46783 was published Jun 13, 2025

Salt vulnerable to directory traversal attack in file receiving method Critical

CVE-2024-38824 was published for salt (pip) Jun 13, 2025

Allows modifying some file metadata (e.g. last modified) with filter="data" or file permissions ... Critical Unreviewed

CVE-2024-12718 was published Jun 3, 2025

Allows arbitrary filesystem writes outside the extraction directory during extraction with filter... Critical Unreviewed

CVE-2025-4517 was published Jun 3, 2025

The Madara – Responsive and modern WordPress theme for manga sites theme for WordPress is... Critical Unreviewed

CVE-2025-4524 was published May 21, 2025

Improper limitation of pathname in Circuit Provisioning and File Import applications allows... Critical Unreviewed

CVE-2025-48017 was published May 20, 2025

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed

CVE-2025-32926 was published May 19, 2025

The TicketBAI Facturas para WooCommerce plugin for WordPress is vulnerable to arbitrary file... Critical Unreviewed

CVE-2025-4564 was published May 15, 2025

Improper limitation of a pathname to a restricted directory ('path traversal') in Azure allows an... Critical Unreviewed

CVE-2025-30387 was published May 13, 2025

Improper limitation of a pathname to a restricted directory vulnerability in Samsung MagicINFO 9... Critical Unreviewed

CVE-2025-4632 was published May 13, 2025

foxcms v1.2.5 was discovered to contain an arbitrary file deletion vulnerability via the... Critical Unreviewed

CVE-2025-45238 was published May 5, 2025

Output Messenger before 2.0.63 was vulnerable to a directory traversal attack through improper... Critical Unreviewed

CVE-2025-27920 was published May 5, 2025

Quick Agent V3 and Quick Agent V2 contain an issue with improper limitation of a pathname to a... Critical Unreviewed

CVE-2025-26692 was published Apr 28, 2025

The Database Toolset plugin is vulnerable to arbitrary file deletion due to insufficient file... Critical Unreviewed

CVE-2025-3065 was published Apr 24, 2025

A path traversal vulnerability in Commvault Command Center Innovation Release allows an... Critical Unreviewed

CVE-2025-34028 was published Apr 22, 2025

A vulnerability exists in the daemon process of the Yi IOT XY-3820 v6.0.24.10, which exposes a... Critical Unreviewed

CVE-2025-29660 was published Apr 21, 2025

Local File Inclusion (LFI) vulnerability in a Render function of Formulatrix Rock Maker Web (RMW)... Critical Unreviewed

CVE-2025-0632 was published Apr 21, 2025

Previous 1…3…34 Next

Previous 1 2 3 4 5 … 33 34 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

827 advisories