GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,968
Erlang: 39
GitHub Actions: 38
Go: 2,616
Maven: 5,000+
npm: 4,255
NuGet: 760
pip: 4,040
Pub: 12
RubyGems: 953
Rust: 1,050
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+

3,150 advisories

A path handling issue was addressed with improved logic. This issue is fixed in visionOS 2.4,...
Moderate | Unreviewed | CVE-2025-30470 was published Apr 1, 2025

ingress-nginx controller - auth secret file path traversal vulnerability
Moderate | CVE-2025-24513 was published for k8s.io/ingress-nginx (Go) Mar 25, 2025

A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc...
Moderate | Unreviewed | CVE-2024-12087 was published Jan 14, 2025

A flaw was found in rsync. When using the `--safe-links` option, rsync fails to properly verify...
Moderate | Unreviewed | CVE-2024-12088 was published Jan 14, 2025

An attacker who successfully exploited these vulnerabilities could grant read access to files. A...
Moderate | Unreviewed | CVE-2024-12429 was published Jan 7, 2025

A vulnerability has been identified in Omnivise T3000 Application Server (All versions). Affected...
Moderate | Unreviewed | CVE-2024-38878 was published Aug 2, 2024

There's a flaw in Python 3's pydoc. A local or adjacent attacker who discovers or is able to...
Moderate | Unreviewed | CVE-2021-3426 was published May 24, 2022

IBM Data Risk Manager 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, and 2.0.6 could allow a remote...
Moderate | Unreviewed | CVE-2020-4430 was published May 24, 2022

A parsing issue in the handling of directory paths was addressed with improved path validation....
Moderate | Unreviewed | CVE-2025-43190 was published Sep 16, 2025

A parsing issue in the handling of directory paths was addressed with improved path validation....
Moderate | Unreviewed | CVE-2025-43314 was published Sep 16, 2025

A path handling issue was addressed with improved validation. This issue is fixed in macOS...
Moderate | Unreviewed | CVE-2025-43250 was published Jul 30, 2025

A parsing issue in the handling of directory paths was addressed with improved path validation....
Moderate | Unreviewed | CVE-2025-43206 was published Jul 30, 2025

A path handling issue was addressed with improved validation. This issue is fixed in macOS...
Moderate | Unreviewed | CVE-2025-43191 was published Jul 30, 2025

A vulnerability has been identified in Node.js, specifically affecting the handling of drive...
Moderate | Unreviewed | CVE-2025-23084 was published Jan 28, 2025

CrushFTP 9.x and 10.x through 10.8.4 and 11.x through 11.3.1 allows directory traversal via the ...
Moderate | Unreviewed | CVE-2025-32103 was published Apr 15, 2025

Nagvis before 1.9.34 was discovered to contain an arbitrary file read vulnerability via the...
Moderate | Unreviewed | CVE-2022-46945 was published May 26, 2023

A remote code execution vulnerability in Mitel MiVoice Connect Client before 214.100.1223.0 could...
Moderate | Unreviewed | CVE-2020-12456 was published May 24, 2022

A security flaw has been discovered in jeecgboot jeewx-boot up to...
Moderate | Unreviewed | CVE-2025-12626 was published Nov 3, 2025

A vulnerability was found in Kingdee Cloud-Starry-Sky Enterprise Edition up to 8.2. It has been...
Moderate | Unreviewed | CVE-2025-8516 was published Aug 4, 2025

The Zombify plugin for WordPress is vulnerable to Path Traversal in all versions up to, and...
Moderate | Unreviewed | CVE-2025-8385 was published Oct 31, 2025

Allegra DatabaseBackupBL Directory Traversal Information Disclosure Vulnerability. This...
Moderate | Unreviewed | CVE-2025-11466 was published Oct 29, 2025

A flaw has been found in OpenWGA 7.11.12 Build 737. This affects an unknown function of the file...
Moderate | Unreviewed | CVE-2025-12250 was published Oct 27, 2025

A weakness has been identified in givanz Vvveb up to 1.0.7.3. This issue affects the function...
Moderate | Unreviewed | CVE-2025-12203 was published Oct 27, 2025

Liferay Portal ComboServlet denial of service via large file combination
Moderate | CVE-2025-62254 was published for com.liferay.portal:com.liferay.portal.impl (Maven) Oct 24, 2025

Relative path traversal in Knox Enterprise prior to SMR Oct-2025 Release 1 allows local attackers...
Moderate | Unreviewed | CVE-2025-21048 was published Oct 10, 2025

ProTip! Advisories are also available from the GraphQL API