Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,894
Erlang
38
GitHub Actions
38
Go
2,558
Maven
5,000+
npm
4,232
NuGet
751
pip
4,001
Pub
12
RubyGems
953
Rust
1,042
Swift
45
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

682 advisories

Loading
The WooCommerce Designer Pro plugin for WordPress, used by the Pricom - Printing Company & Design... Critical Unreviewed
CVE-2025-6439 was published Oct 11, 2025
The WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin for WordPress is... Critical Unreviewed
CVE-2025-7526 was published Oct 9, 2025
Vulnerability in the Oracle Concurrent Processing product of Oracle E-Business Suite (component:... Critical Unreviewed
CVE-2025-61882 was published Oct 5, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Unrestricted... Critical Unreviewed
CVE-2025-11221 was published Oct 2, 2025
A path traversal vulnerability in Novakon P series allows to expose the root file system "/" and... Critical Unreviewed
CVE-2025-9963 was published Sep 23, 2025
A directory traversal issue in Swetrix Web Analytics API 3.1.1 before 7d8b972 allows a remote... Critical Unreviewed
CVE-2025-59304 was published Sep 17, 2025
Delta Electronics DIALink has an Directory Traversal Authentication Bypass Vulnerability. Critical Unreviewed
CVE-2025-58321 was published Sep 11, 2025
ColdFusion versions 2025.3, 2023.15, 2021.21 and earlier are affected by an Improper Limitation... Critical Unreviewed
CVE-2025-54261 was published Sep 9, 2025
ITCube CRM in versions from 2023.2 through 2025.2 is vulnerable to path traversal.... Critical Unreviewed
CVE-2025-5993 was published Sep 8, 2025
QiAnXin TianQing Management Center versions up to and including 6.7.0.4130 contain a path... Critical Unreviewed
CVE-2024-13984 was published Aug 28, 2025
A path traversal vulnerability exists in the Dahua Smart Park Integrated Management Platform ... Critical Unreviewed
CVE-2023-7309 was published Aug 28, 2025
LiveBOS, an object-oriented business architecture middleware suite developed by Apex Software Co.... Critical Unreviewed
CVE-2024-13981 was published Aug 28, 2025
n8n-workflows Main Commit ee25413 allows attackers to execute a directory traversal via the... Critical Unreviewed
CVE-2025-55526 was published Aug 26, 2025
A path traversal vulnerability in unauthenticated upload functionality allows a malicious actor... Critical Unreviewed
CVE-2025-53120 was published Aug 26, 2025
A path traversal vulnerability in the NPM package installation process of Google Cloud Dataform... Critical Unreviewed
CVE-2025-9118 was published Aug 25, 2025
The WP Webhooks plugin for WordPress is vulnerable to arbitrary file copy due to missing... Critical Unreviewed
CVE-2025-8895 was published Aug 21, 2025
A Path Traversal vulnerability in AllSky v2023.05.01_04 allows an unauthenticated attacker to... Critical Unreviewed
CVE-2024-44373 was published Aug 19, 2025
UnForm Server Manager versions prior to 10.1.12 expose an unauthenticated file read vulnerability... Critical Unreviewed
CVE-2025-34154 was published Aug 13, 2025
Umbraco CMS versions prior to 4.7.1 are vulnerable to unauthenticated remote code execution via... Critical Unreviewed
CVE-2012-10054 was published Aug 13, 2025
QuickShare File Server 1.2.1 contains a path traversal vulnerability in its FTP service due to... Critical Unreviewed
CVE-2011-10010 was published Aug 13, 2025
A vulnerability in the NuPoint Unified Messaging (NPM) component of Mitel MiCollab through 9.8... Critical Unreviewed
CVE-2025-52913 was published Aug 8, 2025
In Xerox FreeFlow Core version 8.0.4, an attacker can exploit a Path Traversal vulnerability to... Critical Unreviewed
CVE-2025-8356 was published Aug 8, 2025
Marvell QConvergeConsole compressConfigFiles Directory Traversal Information Disclosure and... Critical Unreviewed
CVE-2025-8426 was published Jul 31, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed
CVE-2025-54446 was published Jul 23, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Critical Unreviewed
CVE-2025-54443 was published Jul 23, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database