Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,908
Erlang
39
GitHub Actions
38
Go
2,568
Maven
5,000+
npm
4,240
NuGet
754
pip
4,004
Pub
12
RubyGems
953
Rust
1,042
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,559 advisories

Loading
FLIR AX8 thermal sensor cameras version up to and including 1.46.16 is vulnerable to Directory... High Unreviewed
CVE-2022-37060 was published Aug 19, 2022
A path traversal vulnerability in all versions of the Qodo Qodo Gen IDE enables a threat actor to... High Unreviewed
CVE-2025-62356 was published Oct 17, 2025
Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain an absolute path traversal... High Unreviewed
CVE-2025-34517 was published Oct 16, 2025
Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain a relative path traversal... High Unreviewed
CVE-2025-34518 was published Oct 16, 2025
Vulnerability in the Oracle Configurator product of Oracle E-Business Suite (component: Runtime... High Unreviewed
CVE-2025-61884 was published Oct 12, 2025
An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability ... High Unreviewed
CVE-2025-54658 was published Oct 16, 2025
A flaw was found in linux-pam. The pam_namespace module may improperly handle user-controlled... High Unreviewed
CVE-2025-8941 was published Aug 13, 2025
A local file inclusion vulnerability exists in haotian-liu/llava at commit c121f04. This... High Unreviewed
CVE-2024-12065 was published Mar 20, 2025
A path traversal vulnerability exists in gaizhenbiao/chuanhuchatgpt version 20240410, allowing... High Unreviewed
CVE-2024-6090 was published Jun 27, 2024
parisneo/lollms-webui is vulnerable to path traversal and denial of service attacks due to an... High Unreviewed
CVE-2024-1873 was published Jun 6, 2024
An arbitrary file deletion vulnerability exists in danny-avila/librechat version v0.7.5-rc2,... High Unreviewed
CVE-2024-10361 was published Mar 20, 2025
A path traversal issue exists in WXR9300BE6P series firmware versions prior to Ver.1.10.... High Unreviewed
CVE-2025-61941 was published Oct 15, 2025
The XStore theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and... High Unreviewed
CVE-2025-11746 was published Oct 15, 2025
Huijietong Cloud Video Platform contains a path traversal vulnerability that allows an... High Unreviewed
CVE-2024-13991 was published Oct 15, 2025
D-Link Nuclias Connect firmware versions < 1.3.1.4 contain a directory traversal vulnerability... High Unreviewed
CVE-2025-34248 was published Oct 9, 2025
Path traversal in Ivanti Endpoint Manager allows a remote unauthenticated attacker to achieve... High Unreviewed
CVE-2025-9713 was published Oct 13, 2025
Insufficient escaping in the report scheduler within Checkmk <2.4.0p13, <2.3.0p38, <2.2.0p46 and... High Unreviewed
CVE-2025-39664 was published Oct 9, 2025
ZSATray passes the previousInstallerName as a config parameter to TrayManager, and TrayManager... High Unreviewed
CVE-2023-41973 was published Mar 26, 2024
Newforma Info Exchange (NIX) '/UserWeb/Common/UploadBlueimp.ashx' allows an authenticated... High Unreviewed
CVE-2025-35055 was published Oct 9, 2025
A path traversal issue in the API endpoint in M-Files Server before version 25.6.14925.0 allows... High Unreviewed
CVE-2025-5964 was published Jun 15, 2025
A path traversal vulnerability was discovered in the Time Machine functionality due to missing... High Unreviewed
CVE-2025-40889 was published Oct 7, 2025
Path traversal vulnerability in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to... High Unreviewed
CVE-2025-59744 was published Oct 2, 2025
An attacker can obtain server information using Path Traversal vulnerability to conduct SQL... High Unreviewed
CVE-2025-11020 was published Oct 2, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Download of Code... High Unreviewed
CVE-2025-11182 was published Oct 2, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2024-11833 was published Dec 13, 2024
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database