Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,871
Erlang
37
GitHub Actions
36
Go
2,517
Maven
5,000+
npm
4,150
NuGet
736
pip
3,952
Pub
12
RubyGems
946
Rust
1,026
Swift
39
Unreviewed advisories
All unreviewed
5,000+

7,187 advisories

Loading
A vulnerability was found in kone-net go-chat up to f9e58d0afa9bbdb31faf25e7739da330692c4c63. It... Moderate Unreviewed
CVE-2025-7452 was published Jul 11, 2025
The RSFirewall! plugin for WordPress is vulnerable to Path Traversal in all versions up to, and... Moderate Unreviewed
CVE-2025-7518 was published Jul 12, 2025
A vulnerability has been found in JoeyBling SpringBoot_MyBatisPlus up to... Moderate Unreviewed
CVE-2025-7488 was published Jul 12, 2025
A vulnerability has been found in jshERP up to 3.5 and classified as critical. This vulnerability... Moderate Unreviewed
CVE-2025-7566 was published Jul 14, 2025
A vulnerability has been found in Zavy86 WikiDocs up to 1.0.77 and classified as critical.... Moderate Unreviewed
CVE-2025-7575 was published Jul 14, 2025
The Application is vulnerable to an authenticated Arbitrary File Deletion. This affects the Agent... High Unreviewed
CVE-2024-26292 was published Jul 14, 2025
A path traversal vulnerability exists in the 'document uploads manager' feature of mintplex-labs... High Unreviewed
CVE-2024-10513 was published Mar 20, 2025
qdrant/qdrant is vulnerable to a path traversal and arbitrary file upload vulnerability via the `... Critical Unreviewed
CVE-2024-2221 was published Apr 10, 2024
A vulnerability exists on all versions of Ivanti Policy Secure below 22.6R1 where an... Moderate Unreviewed
CVE-2023-39339 was published Jul 12, 2025
A vulnerability, which was classified as critical, was found in YiJiuSmile kkFileViewOfficeEdit... Moderate Unreviewed
CVE-2025-7625 was published Jul 14, 2025
A vulnerability was found in YiJiuSmile kkFileViewOfficeEdit up to... Moderate Unreviewed
CVE-2025-7628 was published Jul 14, 2025
A vulnerability has been found in YiJiuSmile kkFileViewOfficeEdit up to... Moderate Unreviewed
CVE-2025-7626 was published Jul 14, 2025
A path traversal vulnerability in the file_upload-cgi CGI program of Zyxel NWA50AX PRO firmware... High Unreviewed
CVE-2025-6265 was published Jul 15, 2025
The HT Contact Form Widget For Elementor Page Builder & Gutenberg Blocks & Form Builder. plugin... Critical Unreviewed
CVE-2025-7360 was published Jul 15, 2025
A directory traversal vulnerability exists in ColoradoFTP Server ≤ 1.3 Build 8 for Windows,... Critical Unreviewed
CVE-2025-34110 was published Jul 15, 2025
DSpace is vulnerable to Path Traversal attacks when importing packages using Simple Archive Format Moderate
CVE-2025-53622 was published for org.dspace:dspace-api (Maven) Jul 15, 2025
MMilosz kshepherd
Measured is vulnerable to Path Traversal attacks during class initialization Moderate
GHSA-29g5-m8v7-v564 was published for measured (RubyGems) Jul 15, 2025
calysteon
Apache Struts file upload logic is flawed Critical
CVE-2024-53677 was published for org.apache.struts:struts2-core (Maven) Dec 11, 2024
chximn-dt
The Counter live visitors for WooCommerce plugin for WordPress is vulnerable to arbitrary file... High Unreviewed
CVE-2025-7359 was published Jul 16, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-28955 was published Jul 16, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-31070 was published Jul 16, 2025
Liferay Portal Path Traversal Vulnerability via the Hypermedia REST APIs Module High
CVE-2022-28981 was published for com.liferay:com.liferay.headless.discovery.web (Maven) Sep 23, 2022
Craft CMS vulnerable to Potential Remote Code Execution via missing path normalization & Twig SSTI High
CVE-2024-52293 was published for craftcms/cms (Composer) Nov 13, 2024
rewhile
An unauthenticated file download vulnerability exists in LimeSurvey versions from 2.0+ up to and... High Unreviewed
CVE-2025-34120 was published Jul 16, 2025
A path traversal vulnerability exists in RIPS Scanner version 0.54. The vulnerability allows... High Unreviewed
CVE-2025-34126 was published Jul 17, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database