Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

7,176 advisories

Loading
The WooCommerce Purchase Orders plugin for WordPress is vulnerable to arbitrary file deletion due... High Unreviewed
CVE-2025-5391 was published Aug 12, 2025
Due to directory traversal vulnerability in SAP S/4HANA (Bank Communication Management), an... Moderate Unreviewed
CVE-2025-42946 was published Aug 12, 2025
Omnissa Workspace ONE UEM contains a Secondary Context Path Traversal Vulnerability. A malicious... High Unreviewed
CVE-2025-25231 was published Aug 11, 2025
TinyScientist has Path Traversal Vulnerability in PDF Review Function (CWE-22) Moderate
CVE-2025-55149 was published for tiny-scientist (pip) Aug 11, 2025
A vulnerability was found in 猫宁i Morning up to bc782730c74ff080494f145cc363a0b4f43f7d3e. It has... Moderate Unreviewed
CVE-2025-8815 was published Aug 10, 2025
A vulnerability, which was classified as critical, has been found in linlinjava litemall up to 1... Moderate Unreviewed
CVE-2025-8753 was published Aug 9, 2025
Zenoss Core 3.x contains a command injection vulnerability in the showDaemonXMLConfig endpoint.... High Unreviewed
CVE-2012-10048 was published Aug 8, 2025
A vulnerability in the NuPoint Unified Messaging (NPM) component of Mitel MiCollab through 9.8... Critical Unreviewed
CVE-2025-52913 was published Aug 8, 2025
In Xerox FreeFlow Core version 8.0.4, an attacker can exploit a Path Traversal vulnerability to... Critical Unreviewed
CVE-2025-8356 was published Aug 8, 2025
A vulnerability has been found in MigoXLab LMeterX 1.2.0 and classified as critical. Affected by... Moderate Unreviewed
CVE-2025-8729 was published Aug 8, 2025
Path Traversal vulnerability in API Endpoint in Mobile Industrial Robots (MiR) Software Versions... Moderate Unreviewed
CVE-2025-8749 was published Aug 8, 2025
Powered BLUE Server versions 0.20130927 and prior contain a path traversal vulnerability. If this... Moderate Unreviewed
CVE-2025-54959 was published Aug 8, 2025
An issue in 4C Strategies Exonaut before v22.4 allows attackers to execute a directory traversal. Moderate Unreviewed
CVE-2024-55401 was published Aug 7, 2025
: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-29865 was published Aug 7, 2025
An attacker with authenticated and privileged access could modify the contents of a non-sensitive... Moderate Unreviewed
CVE-2025-48394 was published Aug 6, 2025
The Mobile Access Portal's File Share application is vulnerable to a directory traversal attack,... Moderate Unreviewed
CVE-2024-52885 was published Aug 6, 2025
Path traversal vulnerability in the virtualization base module. Successful exploitation of this... High Unreviewed
CVE-2025-54652 was published Aug 6, 2025
Path traversal vulnerability in the virtualization file module. Successful exploitation of this... High Unreviewed
CVE-2025-54653 was published Aug 6, 2025
ClanSphere 2011.3 is vulnerable to a local file inclusion (LFI) flaw due to improper handling of... High Unreviewed
CVE-2012-10034 was published Aug 5, 2025
XBMC version 11, including builds up to the 2012-11-04 nightly release, contains a path traversal... High Unreviewed
CVE-2012-10024 was published Aug 5, 2025
ThinkPHP Path Traversal Vulnerability Critical
CVE-2025-50706 was published for topthink/framework (Composer) Aug 5, 2025
A vulnerability, which was classified as critical, was found in givanz Vvvebjs up to 2.0.4.... Low Unreviewed
CVE-2025-8522 was published Aug 4, 2025
RatPanel can perform remote command execution without authorization High
CVE-2025-53534 was published for github.com/tnborg/panel (Go) Aug 4, 2025
LTLTLXEY devhaozi
A vulnerability was found in Kingdee Cloud-Starry-Sky Enterprise Edition up to 8.2. It has been... Moderate Unreviewed
CVE-2025-8516 was published Aug 4, 2025
pyLoad CNL Blueprint allows Path Traversal through `dlc_path` which leads to Remote Code Execution (RCE) Critical
CVE-2025-54802 was published for pyload-ng (pip) Aug 4, 2025
ptrgits sfatzmw
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database