GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
3,205 advisories

Pyrofork has a Path Traversal in download_media Method
Moderate | CVE-2025-67720 was published for pyrofork (pip) | Dec 10, 2025

Jenkins Redpen - Pipeline Reporter for Jira Plugin has a path traversal vulnerability
Moderate | CVE-2025-67643 was published for org.jenkinsci.plugins:pipeline-reporter-by-redpen (Maven) | Dec 10, 2025

A lack of security checks in the file import process of AB TECHNOLOGY Document Reader: PDF, DOC,...
Moderate | Unreviewed | CVE-2025-65815 was published | Dec 10, 2025

A lack of security checks in the file import process of RHOPHI Analytics LLP Office App-Edit Word...
Moderate | Unreviewed | CVE-2025-65814 was published | Dec 10, 2025

The Simple Download Counter plugin for WordPress is vulnerable to Path Traversal in all versions...
Moderate | Unreviewed | CVE-2025-13677 was published | Dec 10, 2025

HP System Event Utility and Omen Gaming Hub might allow execution of certain files outside of...
Moderate | Unreviewed | CVE-2025-11531 was published | Dec 9, 2025

An unauthenticated directory traversal vulnerability in cgi-bin/upload.cgi in SNMP Web Pro 1.1...
Moderate | Unreviewed | CVE-2025-65287 was published | Dec 9, 2025

Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
Moderate | Unreviewed | CVE-2025-14311 was published | Dec 9, 2025

A vulnerability was found in Yottamaster DM2, DM3 and DM200 up to 1.2.23/1.9.12. Affected by this...
Moderate | Unreviewed | CVE-2025-14224 was published | Dec 8, 2025

A security vulnerability has been detected in ORICO CD3510 1.9.12. This affects an unknown...
Moderate | Unreviewed | CVE-2025-14220 was published | Dec 8, 2025

A vulnerability has been found in Sobey Media Convergence System 2.0/2.1. This vulnerability...
Moderate | Unreviewed | CVE-2025-14182 was published | Dec 7, 2025

ComposioHQ has a directory traversal vulnerability
Moderate | CVE-2025-56427 was published for composio (pip) | Dec 4, 2025

A vulnerability in FileStation file cgi allows remote authenticated users to read file metadata...
Moderate | Unreviewed | CVE-2025-29844 was published | Dec 4, 2025

A vulnerability in FileStation thumb cgi allows remote authenticated users to read/write image...
Moderate | Unreviewed | CVE-2025-29843 was published | Dec 4, 2025

A vulnerability in VideoPlayer2 subtitle cgi allows remote authenticated users to read .srt files.
Moderate | Unreviewed | CVE-2025-29845 was published | Dec 4, 2025

A security vulnerability has been detected in Rareprob HD Video Player All Formats App 12.1.372...
Moderate | Unreviewed | CVE-2025-13876 was published | Dec 2, 2025

A weakness has been identified in Yohann0617 oci-helper up to 3.2.4. This issue affects the...
Moderate | Unreviewed | CVE-2025-13875 was published | Dec 2, 2025

Directory traversal vulnerability in SOLIDserver IPAM v8.2.3. This vulnerability allows an...
Moderate | Unreviewed | CVE-2025-13879 was published | Dec 2, 2025

Grav vulnerable to Path Traversal allowing server files backup
Moderate | CVE-2025-66302 was published for getgrav/grav (Composer) | Dec 2, 2025

A security vulnerability has been detected in moxi159753 Mogu Blog v2 up to 5.2. The impacted...
Moderate | Unreviewed | CVE-2025-13816 was published | Dec 1, 2025

A vulnerability was found in jsnjfz WebStack-Guns 1.0. This affects the function renderPicture of...
Moderate | Unreviewed | CVE-2025-13810 was published | Dec 1, 2025

A vulnerability was identified in Scada-LTS up to 2.7.8.1. Affected is the function Common...
Moderate | Unreviewed | CVE-2025-13791 was published | Nov 30, 2025

A path traversal vulnerability has been identified in certain router models. A remote,...
Moderate | Unreviewed | CVE-2025-59372 was published | Nov 25, 2025

Fluent Bit out_file plugin does not properly sanitize tag values when deriving output file names....
Moderate | Unreviewed | CVE-2025-12972 was published | Nov 24, 2025

A parsing issue in the handling of directory paths was addressed with improved path validation....
Moderate | Unreviewed | CVE-2025-31248 was published | Nov 22, 2025

ProTip! Advisories are also available from the GraphQL API.