Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
37
GitHub Actions
36
Go
2,500
Maven
5,000+
npm
4,147
NuGet
735
pip
3,948
Pub
12
RubyGems
945
Rust
1,025
Swift
39
Unreviewed advisories
All unreviewed
5,000+

7,179 advisories

Loading
A vulnerability exists in Advantech iView in NetworkServlet.processImportRequest() that could... Moderate Unreviewed
CVE-2025-46704 was published Jul 11, 2025
Chall-Manager is vulnerable to Path Traversal when extracting/decoding a zip archive High
CVE-2025-53632 was published for github.com/ctfer-io/chall-manager (Go) Jul 10, 2025
A directory traversal vulnerability was discovered in White Star Software Protop version 4.4.2... High Unreviewed
CVE-2025-44177 was published Jul 9, 2025
Juju zip slip vulnerability via authenticated endpoint High
CVE-2025-53513 was published for github.com/juju/juju (Go) Jul 9, 2025
wallyworld hpidcock
The Support Board plugin for WordPress is vulnerable to arbitrary file deletion due to... Critical Unreviewed
CVE-2025-4828 was published Jul 9, 2025
A vulnerability has been identified in SINEC NMS (All versions < V4.0). The affected application... High Unreviewed
CVE-2025-40738 was published Jul 8, 2025
A vulnerability has been identified in SINEC NMS (All versions < V4.0). The affected application... High Unreviewed
CVE-2025-40737 was published Jul 8, 2025
SAPCAR improperly sanitizes the file paths while extracting SAPCAR archives. Due to this, an... Moderate Unreviewed
CVE-2025-42970 was published Jul 8, 2025
Marvell QConvergeConsole decryptFile Directory Traversal Arbitrary File Write Vulnerability. This... High Unreviewed
CVE-2025-6806 was published Jul 7, 2025
Marvell QConvergeConsole getFileUploadSize Directory Traversal Information Disclosure... Moderate Unreviewed
CVE-2025-6795 was published Jul 7, 2025
Marvell QConvergeConsole deleteEventLogFile Directory Traversal Arbitrary File Deletion... High Unreviewed
CVE-2025-6805 was published Jul 7, 2025
Marvell QConvergeConsole deleteAppFile Directory Traversal Arbitrary File Deletion Vulnerability.... High Unreviewed
CVE-2025-6798 was published Jul 7, 2025
Marvell QConvergeConsole saveNICParamsToFile Directory Traversal Arbitrary File Write... High Unreviewed
CVE-2025-6801 was published Jul 7, 2025
Marvell QConvergeConsole getDriverTmpPath Directory Traversal Information Disclosure... Moderate Unreviewed
CVE-2025-6807 was published Jul 7, 2025
Marvell QConvergeConsole getFileUploadBytes Directory Traversal Information Disclosure... High Unreviewed
CVE-2025-6799 was published Jul 7, 2025
Marvell QConvergeConsole getAppFileBytes Directory Traversal Information Disclosure Vulnerability... High Unreviewed
CVE-2025-6796 was published Jul 7, 2025
Marvell QConvergeConsole QLogicDownloadImpl Directory Traversal Arbitrary File Deletion and... Critical Unreviewed
CVE-2025-6793 was published Jul 7, 2025
Marvell QConvergeConsole compressDriverFiles Directory Traversal Information Disclosure... High Unreviewed
CVE-2025-6803 was published Jul 7, 2025
Marvell QConvergeConsole getFileUploadBytes Directory Traversal Information Disclosure... High Unreviewed
CVE-2025-6797 was published Jul 7, 2025
Marvell QConvergeConsole restoreESwitchConfig Directory Traversal Information Disclosure... High Unreviewed
CVE-2025-6800 was published Jul 7, 2025
Marvell QConvergeConsole compressFirmwareDumpFiles Directory Traversal Information Disclosure... High Unreviewed
CVE-2025-6804 was published Jul 7, 2025
Marvell QConvergeConsole saveAsText Directory Traversal Remote Code Execution Vulnerability. This... Critical Unreviewed
CVE-2025-6794 was published Jul 7, 2025
Dagster vulnerable to Path Traversal attack through its /logs endpoint Moderate
CVE-2023-51232 was published for dagster (pip) Jul 7, 2025
LlamaIndex vulnerability in its ObsidianReader class can lead to Path Traversal exploit Moderate
CVE-2025-6210 was published for llama-index-readers-obsidian (pip) Jul 7, 2025
LlamaIndex is vulnerable to Path Traversal attack through its ObsidianReader class High
CVE-2025-3046 was published for llama-index-readers-obsidian (pip) Jul 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database