Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,870
Erlang
36
GitHub Actions
36
Go
2,493
Maven
5,000+
npm
4,126
NuGet
735
pip
3,943
Pub
12
RubyGems
945
Rust
1,021
Swift
39
Unreviewed advisories
All unreviewed
5,000+

7,176 advisories

Loading
Juju zip slip vulnerability via authenticated endpoint High
CVE-2025-53513 was published for github.com/juju/juju (Go) Jul 9, 2025
wallyworld hpidcock
The Support Board plugin for WordPress is vulnerable to arbitrary file deletion due to... Critical Unreviewed
CVE-2025-4828 was published Jul 9, 2025
A vulnerability has been identified in SINEC NMS (All versions < V4.0). The affected application... High Unreviewed
CVE-2025-40738 was published Jul 8, 2025
A vulnerability has been identified in SINEC NMS (All versions < V4.0). The affected application... High Unreviewed
CVE-2025-40737 was published Jul 8, 2025
SAPCAR improperly sanitizes the file paths while extracting SAPCAR archives. Due to this, an... Moderate Unreviewed
CVE-2025-42970 was published Jul 8, 2025
Marvell QConvergeConsole QLogicDownloadImpl Directory Traversal Arbitrary File Deletion and... Critical Unreviewed
CVE-2025-6793 was published Jul 7, 2025
Marvell QConvergeConsole decryptFile Directory Traversal Arbitrary File Write Vulnerability. This... High Unreviewed
CVE-2025-6806 was published Jul 7, 2025
Marvell QConvergeConsole getFileUploadSize Directory Traversal Information Disclosure... Moderate Unreviewed
CVE-2025-6795 was published Jul 7, 2025
Marvell QConvergeConsole getAppFileBytes Directory Traversal Information Disclosure Vulnerability... High Unreviewed
CVE-2025-6796 was published Jul 7, 2025
Marvell QConvergeConsole saveAsText Directory Traversal Remote Code Execution Vulnerability. This... Critical Unreviewed
CVE-2025-6794 was published Jul 7, 2025
Marvell QConvergeConsole deleteEventLogFile Directory Traversal Arbitrary File Deletion... High Unreviewed
CVE-2025-6805 was published Jul 7, 2025
Marvell QConvergeConsole getFileUploadBytes Directory Traversal Information Disclosure... High Unreviewed
CVE-2025-6797 was published Jul 7, 2025
Marvell QConvergeConsole deleteAppFile Directory Traversal Arbitrary File Deletion Vulnerability.... High Unreviewed
CVE-2025-6798 was published Jul 7, 2025
Marvell QConvergeConsole getFileUploadBytes Directory Traversal Information Disclosure... High Unreviewed
CVE-2025-6799 was published Jul 7, 2025
Marvell QConvergeConsole compressFirmwareDumpFiles Directory Traversal Information Disclosure... High Unreviewed
CVE-2025-6804 was published Jul 7, 2025
Marvell QConvergeConsole saveNICParamsToFile Directory Traversal Arbitrary File Write... High Unreviewed
CVE-2025-6801 was published Jul 7, 2025
Marvell QConvergeConsole compressDriverFiles Directory Traversal Information Disclosure... High Unreviewed
CVE-2025-6803 was published Jul 7, 2025
Marvell QConvergeConsole restoreESwitchConfig Directory Traversal Information Disclosure... High Unreviewed
CVE-2025-6800 was published Jul 7, 2025
Marvell QConvergeConsole getDriverTmpPath Directory Traversal Information Disclosure... Moderate Unreviewed
CVE-2025-6807 was published Jul 7, 2025
Dagster vulnerable to Path Traversal attack through its /logs endpoint Moderate
CVE-2023-51232 was published for dagster (pip) Jul 7, 2025
LlamaIndex vulnerability in its ObsidianReader class can lead to Path Traversal exploit Moderate
CVE-2025-6210 was published for llama-index-readers-obsidian (pip) Jul 7, 2025
LlamaIndex is vulnerable to Path Traversal attack through its ObsidianReader class High
CVE-2025-3046 was published for llama-index-readers-obsidian (pip) Jul 7, 2025
A vulnerability classified as critical was found in risesoft-y9 Digital-Infrastructure up to 9.6... Moderate Unreviewed
CVE-2025-7108 was published Jul 7, 2025
A vulnerability classified as critical has been found in SimStudioAI sim up to 0.1.17. Affected... Moderate Unreviewed
CVE-2025-7107 was published Jul 7, 2025
A vulnerability, which was classified as critical, was found in Comodo Internet Security Premium... Moderate Unreviewed
CVE-2025-7098 was published Jul 7, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database