GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,275
Composer 4,908
Erlang 39
GitHub Actions 38
Go 2,568
Maven 6,036
npm 4,240
NuGet 754
pip 4,004
Pub 12
RubyGems 953
Rust 1,042
Swift 45

Unreviewed advisories

All unreviewed 273,869

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

2,559 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

A path traversal vulnerability in all versions of the Qodo Qodo Gen IDE enables a threat actor to... High Unreviewed

CVE-2025-62356 was published Oct 17, 2025

Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain an absolute path traversal... High Unreviewed

CVE-2025-34517 was published Oct 16, 2025

Ilevia EVE X1 Server firmware versions ≤ 4.7.18.0.eden contain a relative path traversal... High Unreviewed

CVE-2025-34518 was published Oct 16, 2025

An Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability ... High Unreviewed

CVE-2025-54658 was published Oct 16, 2025

A path traversal issue exists in WXR9300BE6P series firmware versions prior to Ver.1.10.... High Unreviewed

CVE-2025-61941 was published Oct 15, 2025

The XStore theme for WordPress is vulnerable to Local File Inclusion in all versions up to, and... High Unreviewed

CVE-2025-11746 was published Oct 15, 2025

Huijietong Cloud Video Platform contains a path traversal vulnerability that allows an... High Unreviewed

CVE-2024-13991 was published Oct 15, 2025

Path traversal in Ivanti Endpoint Manager allows a remote unauthenticated attacker to achieve... High Unreviewed

CVE-2025-9713 was published Oct 13, 2025

Vulnerability in the Oracle Configurator product of Oracle E-Business Suite (component: Runtime... High Unreviewed

CVE-2025-61884 was published Oct 12, 2025

Newforma Info Exchange (NIX) '/UserWeb/Common/UploadBlueimp.ashx' allows an authenticated... High Unreviewed

CVE-2025-35055 was published Oct 9, 2025

D-Link Nuclias Connect firmware versions < 1.3.1.4 contain a directory traversal vulnerability... High Unreviewed

CVE-2025-34248 was published Oct 9, 2025

Insufficient escaping in the report scheduler within Checkmk <2.4.0p13, <2.3.0p38, <2.2.0p46 and... High Unreviewed

CVE-2025-39664 was published Oct 9, 2025

A path traversal vulnerability was discovered in the Time Machine functionality due to missing... High Unreviewed

CVE-2025-40889 was published Oct 7, 2025

Path traversal vulnerability in AndSoft's e-TMS v25.03. This vulnerability allows an attacker to... High Unreviewed

CVE-2025-59744 was published Oct 2, 2025

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Download of Code... High Unreviewed

CVE-2025-11182 was published Oct 2, 2025

An attacker can obtain server information using Path Traversal vulnerability to conduct SQL... High Unreviewed

CVE-2025-11020 was published Oct 2, 2025

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed

CVE-2025-59002 was published Sep 26, 2025

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed

CVE-2025-10449 was published Sep 25, 2025

Datart 1.0.0-rc.3 is vulnerable to Directory Traversal in the POST /viz/image interface, since... High Unreviewed

CVE-2025-56815 was published Sep 24, 2025

Datart 1.0.0-rc.3 is vulnerable to Directory Traversal. The configuration file handling of the... High Unreviewed

CVE-2025-56816 was published Sep 24, 2025

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed

CVE-2025-10468 was published Sep 19, 2025

Ilevia EVE X1 Server version ≤ 4.7.18.0.eden contains a pre-authentication file disclosure... High Unreviewed

CVE-2025-34185 was published Sep 16, 2025

The The Hack Repair Guy's Plugin Archiver plugin for WordPress is vulnerable to arbitrary file... High Unreviewed

CVE-2025-10176 was published Sep 13, 2025

The User Meta – User Profile Builder and User management plugin plugin for WordPress is... High Unreviewed

CVE-2025-9693 was published Sep 11, 2025

Delta Electronics DIALink has an Directory Traversal Authentication Bypass Vulnerability. High Unreviewed

CVE-2025-58320 was published Sep 11, 2025

Previous1…103 Next

Previous 1 2 3 4 5 … 102 103 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

2,559 advisories