GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
76 advisories
In CKSource CKFinder before 2.5.0.1 for ASP.NET, authenticated users could download any file from...
Moderate · Unreviewed · CVE-2016-20023 was published Dec 5, 2025
app/Model/EventReport.php in MISP before 2.5.27 allows path traversal in view picture for a site...
Moderate · Unreviewed · CVE-2025-66386 was published Nov 28, 2025
A Path Traversal vulnerability has been identified in the Email Security appliance allows an...
Moderate · Unreviewed · CVE-2025-40605 was published Nov 20, 2025
A vulnerability was found in code-projects Email Logging Interface 2.0. Affected is an unknown...
Moderate · Unreviewed · CVE-2025-13199 was published Nov 15, 2025
Dell Secure Connect Gateway (SCG) 5.0 Application and Appliance version(s) 5.26.00.00 - 5.30.00...
Moderate · Unreviewed · CVE-2025-46363 was published Oct 30, 2025
A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4...
Moderate · Unreviewed · CVE-2025-60023 was published Oct 24, 2025
A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4...
Moderate · Unreviewed · CVE-2025-59776 was published Oct 24, 2025
The Slider Revolution plugin for WordPress is vulnerable to unauthorized access and modification...
Moderate · Unreviewed · CVE-2025-10249 was published Oct 9, 2025
nncp before 8.12.0 allows path traversal (for reading or writing) during freqing and file saving...
Moderate · Unreviewed · CVE-2025-60020 was published Sep 24, 2025
The eHRD CTMS developed by Sunnet has an Arbitrary File Reading vulnerability, allowing remote...
Moderate · Unreviewed · CVE-2025-9570 was published Sep 23, 2025
In JetBrains TeamCity before 2025.07.2 path traversal was possible during project archive upload
Moderate · Unreviewed · CVE-2025-59456 was published Sep 17, 2025
A Relative Path Traversal vulnerability [CWE-23] in FortiWeb 7.6.0 through 7.6.4, 7.4.0 through 7...
Moderate · Unreviewed · CVE-2025-53609 was published Sep 9, 2025
IBM Jazz Foundation 7.0.2 through 7.0.2 iFix033, 7.0.3 through 7.0.3 iFix012, and 7.1.0 through 7...
Moderate · Unreviewed · CVE-2025-25048 was published Sep 4, 2025
An authorized remote attacker can access files and directories outside the intended web root,...
Moderate · Unreviewed · CVE-2021-4459 was published Aug 27, 2025
The Drag and Drop Multiple File Upload for Contact Form 7 plugin for WordPress is vulnerable to...
Moderate · Unreviewed · CVE-2025-8464 was published Aug 16, 2025
Multiple relative path traversal vulnerabilities [CWE-23] in Fortinet FortiMail version 7.6.0...
Moderate · Unreviewed · CVE-2024-40588 was published Aug 12, 2025
A relative path traversal vulnerability [CWE-23] in FortiSOAR 7.6.0, 7.5.0 through 7.5.1, 7.4 all...
Moderate · Unreviewed · CVE-2024-48892 was published Aug 12, 2025
A path traversal vulnerability in Vedo Suite 2024.17 allows remote authenticated attackers to...
Moderate · Unreviewed · CVE-2025-51052 was published Aug 6, 2025
An 'Arbitrary File Deletion' in Samsung DMS(Data Management Server) allows attackers to delete...
Moderate · Unreviewed · CVE-2025-53082 was published Jul 29, 2025
aerc before 93bec0d allows directory traversal in commands/msgview/open.go because of direct path...
Moderate · Unreviewed · CVE-2025-49466 was published Jun 5, 2025
A Relative Path Traversal vulnerability [CWE-23] in FortiClientEMS 7.4.0 through 7.4.1 and...
Moderate · Unreviewed · CVE-2025-22859 was published May 13, 2025
A vulnerability in the “Manages app data” functionality of the web application of ctrlX OS allows...
Moderate · Unreviewed · CVE-2025-24343 was published Apr 30, 2025
In JetBrains TeamCity before 2025.03.1 improper path validation in loggingPreset parameter was...
Moderate · Unreviewed · CVE-2025-46433 was published Apr 25, 2025
In JetBrains Rider before 2025.1.2 custom archive unpacker allowed arbitrary file overwrite...
Moderate · Unreviewed · CVE-2025-43016 was published Apr 25, 2025
Relative Path Traversal vulnerability in Cristián Lávaque s2Member allows Path Traversal. This...
Moderate · Unreviewed · CVE-2025-32137 was published Apr 4, 2025
ProTip! Advisories are also available from the GraphQL API.