Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,504
Maven
5,000+
npm
4,149
NuGet
735
pip
3,949
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

7,184 advisories

Loading
auth-js Vulnerable to Insecure Path Routing from Malformed User Input Low
CVE-2025-48370 was published for @supabase/auth-js (npm) May 27, 2025
kos0ng
Jenkins WildFly Deployer Plugin vulnerable to path traversal Moderate
CVE-2022-41235 was published for org.jenkins-ci.plugins:wildfly-deployer (Maven) Sep 22, 2022
NotMyFault
Safe Software FME Server v2022.0.1.1 and below was discovered to contain a Path Traversal... High Unreviewed
CVE-2022-38340 was published Sep 21, 2022
A vulnerability was found in chshcms mccms 2.7. It has been declared as critical. This... Moderate Unreviewed
CVE-2025-5328 was published May 29, 2025
Traefik allows path traversal using url encoding Low
CVE-2025-47952 was published for github.com/traefik/traefik (Go) May 28, 2025
antonjanrutten
Relative path traversal vulnerability in a-blog cms Ver.3.1.x series versions prior to Ver.3.1.7,... High Unreviewed
CVE-2024-23182 was published Jan 23, 2024
In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions ... High Unreviewed
CVE-2024-27199 was published Mar 4, 2024
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions).... Moderate Unreviewed
CVE-2025-40573 was published May 13, 2025
An issue was discovered in JUMP AMS 3.6.0.04.009-2487. A JUMP SOAP endpoint permitted the writing... High Unreviewed
CVE-2021-32016 was published May 24, 2022
An issue was discovered in JUMP AMS 3.6.0.04.009-2487. The JUMP SOAP API was vulnerable to... Moderate Unreviewed
CVE-2021-32018 was published May 24, 2022
The Newsletters plugin for WordPress is vulnerable to Local File Inclusion in all versions up to,... High Unreviewed
CVE-2025-4857 was published May 31, 2025
A vulnerability, which was classified as problematic, was found in Yifang CMS up to 2.0.2.... Moderate Unreviewed
CVE-2025-5381 was published May 31, 2025
A vulnerability, which was classified as critical, has been found in ashinigit 天青一白 XueShengZhuSu... Moderate Unreviewed
CVE-2025-5380 was published May 31, 2025
A vulnerability was found in JeeWMS up to 20250504. It has been declared as critical. This... Moderate Unreviewed
CVE-2025-5385 was published May 31, 2025
IBM Planning Analytics Local 2.0 and 2.1 could allow a privileged user to delete files from... Moderate Unreviewed
CVE-2025-33004 was published Jun 1, 2025
The Directorist WordPress plugin before 7.5.4 is vulnerable to Local File Inclusion as it does... Low Unreviewed
CVE-2023-2252 was published Jan 16, 2024
A directory traversal arbitrary file deletion vulnerability exists in HPE StoreOnce Software. Moderate Unreviewed
CVE-2025-37094 was published Jun 2, 2025
Directory Traversal vulnerability in WebLaudos 24.2 (04) allows a remote attacker to obtain... High Unreviewed
CVE-2025-27956 was published Jun 2, 2025
Improper limitation of a pathname to a restricted directory ('Path Traversal') issue exists in... Moderate Unreviewed
CVE-2025-41428 was published Jun 3, 2025
A directory traversal vulnerability exists in the PVMP package unpacking functionality of... High Unreviewed
CVE-2025-31359 was published Jun 3, 2025
HCL DRYiCE MyXalytics is impacted by path traversal arbitrary file read vulnerability because it... High Unreviewed
CVE-2023-45722 was published Jan 3, 2024
Kyocera Device Manager before 3.1.1213.0 allows NTLM credential exposure during UNC path... High Unreviewed
CVE-2023-50916 was published Jan 10, 2024
The number identification module has a path traversal vulnerability. Successful exploitation of... High Unreviewed
CVE-2022-39001 was published Sep 17, 2022
A vulnerability classified as critical has been found in quequnlong shiyi-blog up to 1.2.1. This... Moderate Unreviewed
CVE-2025-5509 was published Jun 3, 2025
Allows modifying some file metadata (e.g. last modified) with filter="data" or file permissions ... Critical Unreviewed
CVE-2024-12718 was published Jun 3, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database