Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,726
Maven
5,000+
npm
4,331
NuGet
763
pip
4,107
Pub
12
RubyGems
960
Rust
1,068
Swift
45
Unreviewed advisories
All unreviewed
5,000+

3,236 advisories

Loading
MapTiler Tileserver-php v2.0 is vulnerable to Directory Traversal. The renderTile function within... High Unreviewed
CVE-2025-44137 was published Jul 29, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') in Samsung DMS... High Unreviewed
CVE-2025-53080 was published Jul 29, 2025
The Kallyas theme for WordPress is vulnerable to arbitrary folder deletion due to insufficient... High Unreviewed
CVE-2025-6989 was published Jul 26, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-52452 was published Jul 25, 2025
The hiWeb Export Posts plugin for WordPress is vulnerable to Cross-Site Request Forgery in all... High Unreviewed
CVE-2025-7640 was published Jul 25, 2025
A path traversal vulnerability exists in httpdasm version 0.92, a lightweight Windows HTTP server... High Unreviewed
CVE-2010-10012 was published Jul 23, 2025
An unauthenticated path traversal vulnerability exists in Dicoogle PACS Web Server version 2.5.0... High Unreviewed
CVE-2018-25113 was published Jul 23, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-54453 was published Jul 23, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-54450 was published Jul 23, 2025
files-bucket-server vulnerable to Directory Traversal High
CVE-2025-8021 was published for files-bucket-server (npm) Jul 23, 2025
lirantal
Credited to lirantal
Path Traversal vulnerability in onnx.external_data_helper.save_external_data in ONNX 1.17.0... High Unreviewed
CVE-2025-51480 was published Jul 22, 2025
Path Traversal in restore_run_backup() in AIM 3.28.0 allows remote attackers to write arbitrary... High Unreviewed
CVE-2025-51463 was published Jul 22, 2025
The Extensions For CF7 (Contact form 7 Database, Conditional Fields and Redirection) plugin for... High Unreviewed
CVE-2025-7645 was published Jul 22, 2025
`pyLoad` has Path Traversal Vulnerability in `json/upload` Endpoint that allows Arbitrary File Write High
CVE-2025-54140 was published for pyload-ng (pip) Jul 21, 2025
odaysec
Credited to odaysec
The Simple Backup plugin for WordPress is vulnerable to Arbitrary File Download in versions up to... High Unreviewed
CVE-2015-10134 was published Jul 19, 2025
The GI-Media Library plugin for WordPress is vulnerable to Directory Traversal in versions before... High Unreviewed
CVE-2015-10136 was published Jul 19, 2025
An incomplete fix has been identified for CVE-2025-23084 in Node.js, specifically affecting... High Unreviewed
CVE-2025-27210 was published Jul 19, 2025
The School Management System for Wordpress plugin for WordPress is vulnerable to Local File... High Unreviewed
CVE-2025-3740 was published Jul 18, 2025
A path traversal vulnerability exists in RIPS Scanner version 0.54. The vulnerability allows... High Unreviewed
CVE-2025-34126 was published Jul 17, 2025
An unauthenticated file download vulnerability exists in LimeSurvey versions from 2.0+ up to and... High Unreviewed
CVE-2025-34120 was published Jul 16, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-31070 was published Jul 16, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-28955 was published Jul 16, 2025
The Counter live visitors for WooCommerce plugin for WordPress is vulnerable to arbitrary file... High Unreviewed
CVE-2025-7359 was published Jul 16, 2025
A path traversal vulnerability in the file_upload-cgi CGI program of Zyxel NWA50AX PRO firmware... High Unreviewed
CVE-2025-6265 was published Jul 15, 2025
The Application is vulnerable to an authenticated Arbitrary File Deletion. This affects the Agent... High Unreviewed
CVE-2024-26292 was published Jul 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database