Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,908
Erlang
39
GitHub Actions
38
Go
2,568
Maven
5,000+
npm
4,240
NuGet
754
pip
4,004
Pub
12
RubyGems
953
Rust
1,042
Swift
45
Unreviewed advisories
All unreviewed
5,000+

7,289 advisories

Loading
A vulnerability was found in Shenzhen Ruiming Technology Streamax Crocus 1.3.40. Affected by this... Moderate Unreviewed
CVE-2025-11914 was published Oct 17, 2025
A vulnerability has been found in Shenzhen Ruiming Technology Streamax Crocus 1.3.40. Affected by... Moderate Unreviewed
CVE-2025-11913 was published Oct 17, 2025
A path traversal vulnerability in all versions of the Windsurf IDE enables a threat actor to read... Critical Unreviewed
CVE-2025-62353 was published Oct 17, 2025
A path traversal vulnerability in all versions of the Qodo Qodo Gen IDE enables a threat actor to... High Unreviewed
CVE-2025-62356 was published Oct 17, 2025
Mammoth is vulnerable to Directory Traversal Moderate
CVE-2025-11849 was published for Mammoth (Maven) Oct 17, 2025
PrestaShop Checkout Backoffice directory traversal allows arbitrary file disclosure Moderate
CVE-2025-61923 was published for prestashop/ps_checkout (Composer) Oct 16, 2025
iNem0o
Credited to iNem0o
Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain an absolute path traversal... High Unreviewed
CVE-2025-34517 was published Oct 16, 2025
Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain a relative path traversal... High Unreviewed
CVE-2025-34518 was published Oct 16, 2025
Smidge is vulnerable to Path Traversal Moderate
CVE-2025-11842 was published for Smidge (NuGet) Oct 16, 2025
An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability ... Moderate Unreviewed
CVE-2025-53951 was published Oct 16, 2025
An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability ... High Unreviewed
CVE-2025-54658 was published Oct 16, 2025
A path traversal issue exists in WXR9300BE6P series firmware versions prior to Ver.1.10.... High Unreviewed
CVE-2025-61941 was published Oct 15, 2025
The XStore theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and... High Unreviewed
CVE-2025-11746 was published Oct 15, 2025
Huijietong Cloud Video Platform contains a path traversal vulnerability that allows an... High Unreviewed
CVE-2024-13991 was published Oct 15, 2025
Arbitrary file download vulnerabilities exist in a low-level interface library in AOS-10 GW and... Moderate Unreviewed
CVE-2025-37144 was published Oct 14, 2025
Arbitrary file download vulnerabilities exist in a low-level interface library in AOS-10 GW and... Moderate Unreviewed
CVE-2025-37145 was published Oct 14, 2025
Argo Workflow has a Zipslip Vulnerability High
CVE-2025-62156 was published for github.com/argoproj/argo-workflows/v3 (Go) Oct 14, 2025
im-soohyun
Credited to im-soohyun
Path traversal in the admin panel of Ivanti EPMM before version 12.6.0.2, 12.5.0.4, and 12.4.0.4... Moderate Unreviewed
CVE-2025-10986 was published Oct 14, 2025
SAP Commerce Cloud contains a path traversal vulnerability that may allow users to access web... Moderate Unreviewed
CVE-2025-42906 was published Oct 14, 2025
Path traversal in Ivanti Endpoint Manager allows a remote unauthenticated attacker to achieve... High Unreviewed
CVE-2025-9713 was published Oct 13, 2025
A vulnerability was determined in RainyGao DocSys up to 2.02.36. Affected by this vulnerability... Moderate Unreviewed
CVE-2025-11631 was published Oct 12, 2025
A vulnerability was found in RainyGao DocSys up to 2.02.36. Affected is the function... Moderate Unreviewed
CVE-2025-11630 was published Oct 12, 2025
Vulnerability in the Oracle Configurator product of Oracle E-Business Suite (component: Runtime... High Unreviewed
CVE-2025-61884 was published Oct 12, 2025
A weakness has been identified in harry0703 MoneyPrinterTurbo up to 1.2.6. The impacted element... Moderate Unreviewed
CVE-2025-11607 was published Oct 11, 2025
The WooCommerce Designer Pro plugin for WordPress, used by the Pricom - Printing Company & Design... Critical Unreviewed
CVE-2025-6439 was published Oct 11, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database