GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,835
Composer 4,870
Erlang 36
GitHub Actions 36
Go 2,493
Maven 5,926
npm 4,126
NuGet 735
pip 3,943
Pub 12
RubyGems 945
Rust 1,021
Swift 39

Unreviewed advisories

All unreviewed 269,156

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

65 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A Relative Path Traversal vulnerability [CWE-23] in FortiWeb 7.6.0 through 7.6.4, 7.4.0 through 7... Moderate Unreviewed

CVE-2025-53609 was published Sep 9, 2025

IBM Jazz Foundation 7.0.2 through 7.0.2 iFix033, 7.0.3 through 7.0.3 iFix012, and 7.1.0 through 7... Moderate Unreviewed

CVE-2025-25048 was published Sep 4, 2025

An authorized remote attacker can access files and directories outside the intended web root,... Moderate Unreviewed

CVE-2021-4459 was published Aug 27, 2025

The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2025-8464 was published Aug 16, 2025

Multiple relative path traversal vulnerabilities [CWE-23] in Fortinet FortiMail version 7.6.0... Moderate Unreviewed

CVE-2024-40588 was published Aug 12, 2025

A relative path traversal vulnerability [CWE-23] in FortiSOAR 7.6.0, 7.5.0 through 7.5.1, 7.4 all... Moderate Unreviewed

CVE-2024-48892 was published Aug 12, 2025

A path traversal vulnerability in Vedo Suite 2024.17 allows remote authenticated attackers to... Moderate Unreviewed

CVE-2025-51052 was published Aug 6, 2025

An 'Arbitrary File Deletion' in Samsung DMS(Data Management Server) allows attackers to delete... Moderate Unreviewed

CVE-2025-53082 was published Jul 29, 2025

aerc before 93bec0d allows directory traversal in commands/msgview/open.go because of direct path... Moderate Unreviewed

CVE-2025-49466 was published Jun 5, 2025

A Relative Path Traversal vulnerability [CWE-23] in FortiClientEMS 7.4.0 through 7.4.1 and... Moderate Unreviewed

CVE-2025-22859 was published May 13, 2025

A vulnerability in the “Manages app data” functionality of the web application of ctrlX OS allows... Moderate Unreviewed

CVE-2025-24343 was published Apr 30, 2025

In JetBrains TeamCity before 2025.03.1 improper path validation in loggingPreset parameter was... Moderate Unreviewed

CVE-2025-46433 was published Apr 25, 2025

In JetBrains Rider before 2025.1.2 custom archive unpacker allowed arbitrary file overwrite... Moderate Unreviewed

CVE-2025-43016 was published Apr 25, 2025

Relative Path Traversal vulnerability in Cristián Lávaque s2Member allows Path Traversal. This... Moderate Unreviewed

CVE-2025-32137 was published Apr 4, 2025

A vulnerability in the sanitize_path function in parisneo/lollms-webui v10 - latest allows an... Moderate Unreviewed

CVE-2024-7058 was published Mar 20, 2025

A path traversal vulnerability exists in the latest version of stangirard/quivr. This... Moderate Unreviewed

CVE-2024-6583 was published Mar 20, 2025

A vulnerability in the `start_app_server` function of parisneo/lollms-webui V12 (Strawberry)... Moderate Unreviewed

CVE-2024-10019 was published Mar 20, 2025

IBM Cognos Analytics 11.2.0 through 11.2.4 FP5 is vulnerable to local file inclusion... Moderate Unreviewed

CVE-2024-56340 was published Feb 28, 2025

A vulnerability was found in SourceCodester Best Church Management Software 1.0. It has been... Moderate Unreviewed

CVE-2025-1599 was published Feb 24, 2025

A vulnerability has been found in PHPGurukul Online Nurse Hiring System 1.0 and classified as... Moderate Unreviewed

CVE-2025-1588 was published Feb 23, 2025

Bit Assist plugin for WordPress is vulnerable to Path Traversal in all versions up to, and... Moderate Unreviewed

CVE-2025-0822 was published Feb 15, 2025

Bit Assist plugin for WordPress is vulnerable to Path Traversal in all versions up to, and... Moderate Unreviewed

CVE-2024-13791 was published Feb 14, 2025

A vulnerability has been found in Safetytest Cloud-Master Server up to 1.1.1 and classified as... Moderate Unreviewed

CVE-2025-1086 was published Feb 7, 2025

A relative path traversal in Fortinet FortiRecorder [CWE-23] version 7.2.0 through 7.2.1 and... Moderate Unreviewed

CVE-2024-46664 was published Jan 14, 2025

A relative path traversal vulnerability [CWE-23] in Fortinet FortiManager version 7.4.0 through... Moderate Unreviewed

CVE-2024-32115 was published Jan 14, 2025

Previous1…3 Next

Previous 1 2 3 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

65 advisories