Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,652
Erlang
34
GitHub Actions
26
Go
2,257
Maven
5,000+
npm
3,909
NuGet
704
pip
3,680
Pub
12
RubyGems
915
Rust
943
Swift
38
Unreviewed advisories
All unreviewed
5,000+

6,728 advisories

Loading
The Export and Import Users and Customers plugin for WordPress is vulnerable to Path Traversal in... Moderate Unreviewed
CVE-2025-1973 was published Mar 22, 2025
A directory traversal issue was discovered in OpenSlides before 4.2.5. Files can be uploaded to... Low Unreviewed
CVE-2025-30343 was published Mar 21, 2025
The Order Export & Order Import for WooCommerce plugin for WordPress is vulnerable to Directory... Moderate Unreviewed
CVE-2024-13920 was published Mar 20, 2025
A Path Traversal vulnerability exists in the `/wipe_database` endpoint of parisneo/lollms version... High Unreviewed
CVE-2024-9597 was published Mar 20, 2025
An unauthenticated directory traversal vulnerability exists in Polyaxon, affecting the latest... High Unreviewed
CVE-2024-9362 was published Mar 20, 2025
A Path Traversal vulnerability exists in the file upload functionality of transformeroptimus... High Unreviewed
CVE-2024-9415 was published Mar 20, 2025
MLflow has a Local File Read/Path Traversal in dbfs High
CVE-2024-8859 was published for mlflow (pip) Mar 20, 2025
A path traversal vulnerability exists in the `install` and `uninstall` API endpoints of parisneo... Moderate Unreviewed
CVE-2024-8898 was published Mar 20, 2025
AgentScope directory traversal vulnerability in /read-examples High
CVE-2024-8524 was published for agentscope (pip) Mar 20, 2025
AgentScope path traversal vulnerability in save-workflow Critical
CVE-2024-8551 was published for agentscope (pip) Mar 20, 2025
Aim path traversal in LockManager.release_locks Critical
CVE-2024-8769 was published for aim (pip) Mar 20, 2025
AgentScope Path Traversal in /api/file High
CVE-2024-8438 was published for agentscope (pip) Mar 20, 2025
AgentScope path traversal vulnerability Critical
CVE-2024-8537 was published for agentscope (pip) Mar 20, 2025
Open Neural Network Exchange (ONNX) Path Traversal Vulnerability High
CVE-2024-7776 was published for onnx (pip) Mar 20, 2025
Aim Path Traversal vulnerability High
CVE-2024-6851 was published for aim (pip) Mar 20, 2025
Open WebUI Allows Arbitrary File Write via the `/models/upload` Endpoint Moderate
CVE-2024-7034 was published for open-webui (pip) Mar 20, 2025
A path traversal vulnerability exists in stitionai/devika, specifically in the project creation... Critical Unreviewed
CVE-2024-5752 was published Mar 20, 2025
A local file inclusion vulnerability exists in netease-youdao/qanything version v2.0.0. This... High Unreviewed
CVE-2024-12866 was published Mar 20, 2025
Gradio Path Traversal vulnerability Moderate
CVE-2024-12217 was published for gradio (pip) Mar 20, 2025
GluonCV Arbitrary File Write via TarSlip High
CVE-2024-12216 was published for gluoncv (pip) Mar 20, 2025
A vulnerability in the upload function of binary-husky/gpt_academic allows any user to read... Moderate Unreviewed
CVE-2024-10948 was published Mar 20, 2025
InvokeAI Arbitrary File Deletion vulnerability Critical
CVE-2024-11042 was published for InvokeAI (pip) Mar 20, 2025
A path traversal vulnerability exists in binary-husky/gpt_academic at commit 679352d, which... Moderate Unreviewed
CVE-2024-11037 was published Mar 20, 2025
DB-GPT Absolute Path Traversal in knowledge/{space_name}/document/upload Critical
CVE-2024-10833 was published for dbgpt (pip) Mar 20, 2025
DB-GPT Path Traversal vulnerability High
CVE-2024-10830 was published for dbgpt (pip) Mar 20, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database