GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,776
Composer 5,036
Erlang 39
GitHub Actions 38
Go 2,680
Maven 6,124
npm 4,308
NuGet 760
pip 4,081
Pub 12
RubyGems 958
Rust 1,061
Swift 45

Unreviewed advisories

All unreviewed 278,310

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

691 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Arbitrary File Overwrite via Tar Extraction Path Traversal in DB Electronica Telecomunicazioni S... Critical Unreviewed

CVE-2025-66262 was published Nov 26, 2025

An authentication-bypass vulnerability exists in AiCloud. This vulnerability can be triggered by... Critical Unreviewed

CVE-2025-59366 was published Nov 25, 2025

A Directory Traversal vulnerability was found in the Application Server of Desktop Alert... Critical Unreviewed

CVE-2025-54347 was published Nov 25, 2025

BASIS BBj versions prior to 25.00 contain a Jetty-served web endpoint that fails to properly... Critical Unreviewed

CVE-2025-34320 was published Nov 20, 2025

A Path Restriction Bypass vulnerability exists in Serv-U that when abused, could give a malicious... Critical Unreviewed

CVE-2025-40549 was published Nov 18, 2025

N-central < 2025.4 is vulnerable to authentication bypass via path traversal Critical Unreviewed

CVE-2025-11366 was published Nov 12, 2025

The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +21 Modules – All in One Solution ... Critical Unreviewed

CVE-2025-12493 was published Nov 4, 2025

Vulnerable Upgrade Feature (Arbitrary File Write) may lead to obtaining super user permissions on... Critical Unreviewed

CVE-2025-12422 was published Oct 28, 2025

A path traversal vulnerability in all versions of the Windsurf IDE enables a threat actor to read... Critical Unreviewed

CVE-2025-62353 was published Oct 17, 2025

The WooCommerce Designer Pro plugin for WordPress, used by the Pricom - Printing Company & Design... Critical Unreviewed

CVE-2025-6439 was published Oct 11, 2025

The WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin for WordPress is... Critical Unreviewed

CVE-2025-7526 was published Oct 9, 2025

Vulnerability in the Oracle Concurrent Processing product of Oracle E-Business Suite (component:... Critical Unreviewed

CVE-2025-61882 was published Oct 5, 2025

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Unrestricted... Critical Unreviewed

CVE-2025-11221 was published Oct 2, 2025

A path traversal vulnerability in Novakon P series allows to expose the root file system "/" and... Critical Unreviewed

CVE-2025-9963 was published Sep 23, 2025

A directory traversal issue in Swetrix Web Analytics API 3.1.1 before 7d8b972 allows a remote... Critical Unreviewed

CVE-2025-59304 was published Sep 17, 2025

Delta Electronics DIALink has an Directory Traversal Authentication Bypass Vulnerability. Critical Unreviewed

CVE-2025-58321 was published Sep 11, 2025

ColdFusion versions 2025.3, 2023.15, 2021.21 and earlier are affected by an Improper Limitation... Critical Unreviewed

CVE-2025-54261 was published Sep 9, 2025

ITCube CRM in versions from 2023.2 through 2025.2 is vulnerable to path traversal.... Critical Unreviewed

CVE-2025-5993 was published Sep 8, 2025

QiAnXin TianQing Management Center versions up to and including 6.7.0.4130 contain a path... Critical Unreviewed

CVE-2024-13984 was published Aug 28, 2025

A path traversal vulnerability exists in the Dahua Smart Park Integrated Management Platform ... Critical Unreviewed

CVE-2023-7309 was published Aug 28, 2025

LiveBOS, an object-oriented business architecture middleware suite developed by Apex Software Co.... Critical Unreviewed

CVE-2024-13981 was published Aug 28, 2025

n8n-workflows Main Commit ee25413 allows attackers to execute a directory traversal via the... Critical Unreviewed

CVE-2025-55526 was published Aug 26, 2025

A path traversal vulnerability in unauthenticated upload functionality allows a malicious actor... Critical Unreviewed

CVE-2025-53120 was published Aug 26, 2025

A path traversal vulnerability in the NPM package installation process of Google Cloud Dataform... Critical Unreviewed

CVE-2025-9118 was published Aug 25, 2025

The WP Webhooks plugin for WordPress is vulnerable to arbitrary file copy due to missing... Critical Unreviewed

CVE-2025-8895 was published Aug 21, 2025

Previous1…28 Next

Previous 1 2 3 4 5 … 27 28 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

691 advisories