Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

7,187 advisories

Loading
The File Manager Advanced Shortcode WordPress plugin for WordPress is vulnerable to Local File... High Unreviewed
CVE-2024-13914 was published May 15, 2025
The TicketBAI Facturas para WooCommerce plugin for WordPress is vulnerable to arbitrary file... Critical Unreviewed
CVE-2025-4564 was published May 15, 2025
ThinkAdmin directory traversal vulnerability High
CVE-2020-25540 was published for zoujingli/thinkadmin (Composer) May 24, 2022
AnonySE26
A vulnerability was found in SourceCodester Student Result Management System 1.0. It has been... Moderate Unreviewed
CVE-2025-4720 was published May 15, 2025
In JetBrains IntelliJ IDEA before 2023.3.3 path traversal was possible when unpacking archives Low Unreviewed
CVE-2024-24940 was published Feb 6, 2024
PNETLab 4.2.10 does not properly sanitize user inputs in its file access mechanisms. This allows... High Unreviewed
CVE-2025-40629 was published May 16, 2025
In JetBrains TeamCity before 2025.03.1 improper path validation in loggingPreset parameter was... Moderate Unreviewed
CVE-2025-46433 was published Apr 25, 2025
The System Dashboard WordPress plugin before 2.8.15 does not validate user input used in a path,... Moderate Unreviewed
CVE-2024-10708 was published Dec 10, 2024
A vulnerability was found in merikbest ecommerce-spring-reactjs up to... Moderate Unreviewed
CVE-2025-4868 was published May 18, 2025
A vulnerability classified as critical has been found in jammy928... Moderate Unreviewed
CVE-2025-4893 was published May 18, 2025
A vulnerability was found in SourceCodester Student Result Management System 1.0. It has been... Moderate Unreviewed
CVE-2025-4898 was published May 19, 2025
A vulnerability has been found in SourceCodester Student Result Management System 1.0 and... Moderate Unreviewed
CVE-2025-4912 was published May 19, 2025
Path traversal vulnerability exists in a-blog cms versions prior to Ver. 3.1.43 and versions... Moderate Unreviewed
CVE-2025-27566 was published May 19, 2025
A path traversal vulnerability in the iclock API of ZKTeco BioTime v8.5.5 allows unauthenticated... High Unreviewed
CVE-2023-38950 was published Aug 4, 2023
Session version 1.17.5 allows obtaining internal application files and public files from the... Moderate Unreviewed
CVE-2024-2045 was published Mar 1, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2025-3223 was published May 19, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed
CVE-2025-32926 was published May 19, 2025
Output Messenger before 2.0.63 was vulnerable to a directory traversal attack through improper... Critical Unreviewed
CVE-2025-27920 was published May 5, 2025
VMware Cloud Foundation contains a directory traversal vulnerability. A malicious actor with... High Unreviewed
CVE-2025-41229 was published May 20, 2025
In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix a suspicious RCU... Moderate Unreviewed
CVE-2023-52623 was published Mar 26, 2024
tar-fs Vulnerable to Link Following and Path Traversal via Extracting a Crafted tar File High
CVE-2024-12905 was published for tar-fs (npm) Mar 27, 2025
pcreager23
Improper limitation of pathname in Circuit Provisioning and File Import applications allows... Critical Unreviewed
CVE-2025-48017 was published May 20, 2025
A vulnerability has been found in Kingdee Cloud Galaxy Private Cloud BBC System up to 9.0 Patch... Moderate Unreviewed
CVE-2025-5029 was published May 21, 2025
The Madara – Responsive and modern WordPress theme for manga sites theme for WordPress is... Critical Unreviewed
CVE-2025-4524 was published May 21, 2025
Allegra isZipEntryValide Directory Traversal Remote Code Execution Vulnerability. This... High Unreviewed
CVE-2025-3486 was published May 22, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database