GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,912
Composer 5,067
Erlang 39
GitHub Actions 38
Go 2,717
Maven 6,143
npm 4,328
NuGet 761
pip 4,105
Pub 12
RubyGems 958
Rust 1,065
Swift 45

Unreviewed advisories

All unreviewed 278,989

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

76 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

In CKSource CKFinder before 2.5.0.1 for ASP.NET, authenticated users could download any file from... Moderate Unreviewed

CVE-2016-20023 was published Dec 5, 2025

app/Model/EventReport.php in MISP before 2.5.27 allows path traversal in view picture for a site... Moderate Unreviewed

CVE-2025-66386 was published Nov 28, 2025

A Path Traversal vulnerability has been identified in the Email Security appliance allows an... Moderate Unreviewed

CVE-2025-40605 was published Nov 20, 2025

A vulnerability was found in code-projects Email Logging Interface 2.0. Affected is an unknown... Moderate Unreviewed

CVE-2025-13199 was published Nov 15, 2025

Dell Secure Connect Gateway (SCG) 5.0 Application and Appliance version(s) 5.26.00.00 - 5.30.00... Moderate Unreviewed

CVE-2025-46363 was published Oct 30, 2025

A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4... Moderate Unreviewed

CVE-2025-60023 was published Oct 24, 2025

A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4... Moderate Unreviewed

CVE-2025-59776 was published Oct 24, 2025

IBM Cognos Analytics 11.2.0 through 11.2.4 FP5 is vulnerable to local file inclusion... Moderate Unreviewed

CVE-2024-56340 was published Feb 28, 2025

A vulnerability in the `start_app_server` function of parisneo/lollms-webui V12 (Strawberry)... Moderate Unreviewed

CVE-2024-10019 was published Mar 20, 2025

The Slider Revolution plugin for WordPress is vulnerable to unauthorized access and modification... Moderate Unreviewed

CVE-2025-10249 was published Oct 9, 2025

nncp before 8.12.0 allows path traversal (for reading or writing) during freqing and file saving... Moderate Unreviewed

CVE-2025-60020 was published Sep 24, 2025

The eHRD CTMS developed by Sunnet has an Arbitrary File Reading vulnerability, allowing remote... Moderate Unreviewed

CVE-2025-9570 was published Sep 23, 2025

In JetBrains TeamCity before 2025.07.2 path traversal was possible during project archive upload Moderate Unreviewed

CVE-2025-59456 was published Sep 17, 2025

A Relative Path Traversal vulnerability [CWE-23] in FortiWeb 7.6.0 through 7.6.4, 7.4.0 through 7... Moderate Unreviewed

CVE-2025-53609 was published Sep 9, 2025

IBM Jazz Foundation 7.0.2 through 7.0.2 iFix033, 7.0.3 through 7.0.3 iFix012, and 7.1.0 through 7... Moderate Unreviewed

CVE-2025-25048 was published Sep 4, 2025

An authorized remote attacker can access files and directories outside the intended web root,... Moderate Unreviewed

CVE-2021-4459 was published Aug 27, 2025

The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to... Moderate Unreviewed

CVE-2025-8464 was published Aug 16, 2025

Multiple relative path traversal vulnerabilities [CWE-23] in Fortinet FortiMail version 7.6.0... Moderate Unreviewed

CVE-2024-40588 was published Aug 12, 2025

A relative path traversal vulnerability [CWE-23] in FortiSOAR 7.6.0, 7.5.0 through 7.5.1, 7.4 all... Moderate Unreviewed

CVE-2024-48892 was published Aug 12, 2025

A path traversal vulnerability in Vedo Suite 2024.17 allows remote authenticated attackers to... Moderate Unreviewed

CVE-2025-51052 was published Aug 6, 2025

An 'Arbitrary File Deletion' in Samsung DMS(Data Management Server) allows attackers to delete... Moderate Unreviewed

CVE-2025-53082 was published Jul 29, 2025

Directory traversal vulnerability in the web server in SpecView 2.5 build 853 and earlier allows... Moderate Unreviewed

CVE-2012-5972 was published May 17, 2022

A vulnerability was found in ZKTeco ZKBio Media 2.0.0_x64_2024-01-29-1028. It has been classified... Moderate Unreviewed

CVE-2024-2318 was published Mar 8, 2024

aerc before 93bec0d allows directory traversal in commands/msgview/open.go because of direct path... Moderate Unreviewed

CVE-2025-49466 was published Jun 5, 2025

All versions of the Medtronic 2090 Carelink Programmer are affected by a directory traversal... Moderate Unreviewed

CVE-2018-5448 was published May 13, 2022

Previous1…4 Next

Previous 1 2 3 4 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

76 advisories