Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

7,179 advisories

Loading
The WPGYM - Wordpress Gym Management System plugin for WordPress is vulnerable to Local File... High Unreviewed
CVE-2025-3671 was published Aug 16, 2025
In Xerox FreeFlow Core version 8.0.4, an attacker can exploit a Path Traversal vulnerability to... Critical Unreviewed
CVE-2025-8356 was published Aug 8, 2025
Spring Framework MVC Applications Path Traversal Vulnerability Moderate
CVE-2025-41242 was published for org.springframework:spring-webmvc (Maven) Aug 18, 2025
Copier's safe template has filesystem write access outside destination path Moderate
CVE-2025-55214 was published for copier (pip) Aug 18, 2025
sisp pawamoy
yajo
Copier's safe template has arbitrary filesystem read/write access High
CVE-2025-55201 was published for copier (pip) Aug 18, 2025
sisp pawamoy
yajo
A Path Traversal vulnerability in AllSky v2023.05.01_04 allows an unauthenticated attacker to... Critical Unreviewed
CVE-2024-44373 was published Aug 19, 2025
The Redirection for Contact Form 7 plugin for WordPress is vulnerable to arbitrary file deletion... High Unreviewed
CVE-2025-8141 was published Aug 20, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-48158 was published Aug 20, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2025-47650 was published Aug 20, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-54021 was published Aug 20, 2025
CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')... High Unreviewed
CVE-2025-54926 was published Aug 20, 2025
CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')... Moderate Unreviewed
CVE-2025-54927 was published Aug 20, 2025
Sockso Music Host Server versions <= 1.5 are vulnerable to a path traversal flaw that allows... High Unreviewed
CVE-2012-10061 was published Aug 20, 2025
Organization Portal System developed by WellChoose has an Arbitrary File Reading vulnerability,... High Unreviewed
CVE-2025-8912 was published Aug 13, 2025
Organization Portal System developed by WellChoose has an Arbitrary File Reading vulnerability,... High Unreviewed
CVE-2025-8909 was published Aug 13, 2025
Group-Office versions prior to 6.8.119 and prior to 25.0.20 provided by Intermesh BV contain a... Moderate Unreviewed
CVE-2025-53505 was published Aug 21, 2025
The WP Webhooks plugin for WordPress is vulnerable to arbitrary file copy due to missing... Critical Unreviewed
CVE-2025-8895 was published Aug 21, 2025
vite-plugin-static-copy files not included in `src` are possible to access with a crafted request Moderate
CVE-2025-57753 was published for vite-plugin-static-copy (npm) Aug 21, 2025
ikkisoft
Barracuda products, confirmed in Spam & Virus Firewall, SSL VPN, and Web Application Firewall... High Unreviewed
CVE-2010-20109 was published Aug 21, 2025
An issue in the component /api/download_work_dir_file.py of Agent-Zero v0.8.* allows attackers to... Low Unreviewed
CVE-2025-55523 was published Aug 21, 2025
In MindManager Windows versions prior to 24.1.150, attackers could potentially write to... High Unreviewed
CVE-2024-56179 was published Aug 22, 2025
Python-Future Module Arbitrary Code Execution via Unintended Import of test.py High
CVE-2025-50817 was published for future (pip) Aug 14, 2025
BarrensZeppelin
Directory traversal vulnerability in gefebt.exe in the WebView CimWeb components in GE... High Unreviewed
CVE-2014-0750 was published May 17, 2022
Directory traversal vulnerability in CimWebServer.exe (aka the WebView component) in GE... High Unreviewed
CVE-2014-0751 was published May 17, 2022
A path traversal vulnerability in the NPM package installation process of Google Cloud Dataform... Critical Unreviewed
CVE-2025-9118 was published Aug 25, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database