Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,810
Erlang
36
GitHub Actions
31
Go
2,395
Maven
5,000+
npm
4,030
NuGet
721
pip
3,820
Pub
12
RubyGems
932
Rust
988
Swift
38
Unreviewed advisories
All unreviewed
5,000+

7,017 advisories

Loading
A path traversal vulnerability exists in httpdasm version 0.92, a lightweight Windows HTTP server... High Unreviewed
CVE-2010-10012 was published Jul 23, 2025
An unauthenticated path traversal vulnerability exists in Dicoogle PACS Web Server version 2.5.0... High Unreviewed
CVE-2018-25113 was published Jul 23, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed
CVE-2025-54446 was published Jul 23, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-54453 was published Jul 23, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-54450 was published Jul 23, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed
CVE-2025-54443 was published Jul 23, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed
CVE-2025-54438 was published Jul 23, 2025
files-bucket-server vulnerable to Directory Traversal High
CVE-2025-8021 was published for files-bucket-server (npm) Jul 23, 2025
Arbitrary File Overwrite (AFO) in superagi.controllers.resources.upload in TransformerOptimus... Moderate Unreviewed
CVE-2025-51475 was published Jul 22, 2025
Dagster Local File Inclusion vulnerability Moderate
CVE-2025-51481 was published for dagster (pip) Jul 22, 2025
Path Traversal in restore_run_backup() in AIM 3.28.0 allows remote attackers to write arbitrary... High Unreviewed
CVE-2025-51463 was published Jul 22, 2025
Path Traversal vulnerability in onnx.external_data_helper.save_external_data in ONNX 1.17.0... High Unreviewed
CVE-2025-51480 was published Jul 22, 2025
The Extensions For CF7 (Contact form 7 Database, Conditional Fields and Redirection) plugin for... High Unreviewed
CVE-2025-7645 was published Jul 22, 2025
`pyLoad` has Path Traversal Vulnerability in `json/upload` Endpoint that allows Arbitrary File Write High
CVE-2025-54140 was published for pyload-ng (pip) Jul 21, 2025
odaysec
An issue was discovered in CommScope Ruckus Unleashed prior to 200.14.6.1.203 and in Ruckus... Moderate Unreviewed
CVE-2025-46120 was published Jul 21, 2025
Apache Jena allows users with administrator access to create databases files outside the files area of the Fuseki server Moderate
CVE-2025-49656 was published for org.apache.jena:jena-fuseki (Maven) Jul 21, 2025
A vulnerability has been found in harry0703 MoneyPrinterTurbo up to 1.2.6 and classified as... Moderate Unreviewed
CVE-2025-7896 was published Jul 20, 2025
The GI-Media Library plugin for WordPress is vulnerable to Directory Traversal in versions before... High Unreviewed
CVE-2015-10136 was published Jul 19, 2025
The Simple Backup plugin for WordPress is vulnerable to Arbitrary File Download in versions up to... High Unreviewed
CVE-2015-10134 was published Jul 19, 2025
An incomplete fix has been identified for CVE-2025-23084 in Node.js, specifically affecting... High Unreviewed
CVE-2025-27210 was published Jul 19, 2025
Mattermost Path Traversal vulnerability Moderate
CVE-2025-6233 was published for github.com/mattermost/mattermost-server (Go) Jul 18, 2025
The Attachment Manager plugin for WordPress is vulnerable to arbitrary file deletion due to... Critical Unreviewed
CVE-2025-7643 was published Jul 18, 2025
The School Management System for Wordpress plugin for WordPress is vulnerable to Local File... High Unreviewed
CVE-2025-3740 was published Jul 18, 2025
The Madara - Core plugin for WordPress is vulnerable to arbitrary file deletion due to... Critical Unreviewed
CVE-2025-7712 was published Jul 17, 2025
A path traversal vulnerability exists in RIPS Scanner version 0.54. The vulnerability allows... High Unreviewed
CVE-2025-34126 was published Jul 17, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database