Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,466
Erlang
33
GitHub Actions
23
Go
2,166
Maven
5,000+
npm
3,830
NuGet
696
pip
3,507
Pub
12
RubyGems
909
Rust
904
Swift
38
Unreviewed advisories
All unreviewed
5,000+

6,569 advisories

Loading
Adobe Commerce Path Traversal High
CVE-2025-24406 was published for magento/community-edition (Composer) Feb 11, 2025
An improper limitation of a pathname to a restricted directory ('Path Traversal') vulnerability ... Moderate Unreviewed
CVE-2024-36508 was published Feb 11, 2025
Path traversal in Ivanti CSA before version 5.0.5 allows a remote unauthenticated attacker to... Moderate Unreviewed
CVE-2024-11771 was published Feb 11, 2025
In affected versions of Octopus Deploy it was possible to upload files to unexpected locations on... Low Unreviewed
CVE-2025-0526 was published Feb 11, 2025
SAP Supplier Relationship Management (Master Data Management Catalog) allows an unauthenticated... High Unreviewed
CVE-2025-25243 was published Feb 11, 2025
Path-Traversal vulnerability in Revolution Pi version 2022-07-28-revpi-buster from KUNBUS GmbH.... Moderate Unreviewed
CVE-2024-8685 was published Feb 10, 2025
A vulnerability classified as critical has been found in CmsEasy 7.7.7.9. This affects the... Moderate Unreviewed
CVE-2025-1106 was published Feb 7, 2025
xml2rfc has file inclusion irregularities Moderate
GHSA-432c-wxpg-m4q3 was published for xml2rfc (pip) Feb 7, 2025
Directory Traversal in File Upload in Gleamtech FileVista 9.2.0.0 allows remote attackers to... Moderate Unreviewed
CVE-2024-57248 was published Feb 7, 2025
Local File Inclusion vulnerability in dhtmlxFileExplorer v.8.4.6 allows a remote attacker to... High Unreviewed
CVE-2024-55214 was published Feb 7, 2025
An issue was discovered in AudioCodes One Voice Operations Center (OVOC) before 8.4.582. Due to a... High Unreviewed
CVE-2024-52883 was published Feb 7, 2025
Directory Traversal vulnerability in dhtmlxFileExplorer v.8.4.6 allows a remote attacker to... High Unreviewed
CVE-2024-55213 was published Feb 7, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-25155 was published Feb 7, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-25163 was published Feb 7, 2025
An issue in the relPath parameter of WebFileSys version 2.31.0 allows attackers to perform... High Unreviewed
CVE-2024-53586 was published Feb 7, 2025
A vulnerability has been identified in GoldPanKit eva-server v4.1.0. It affects the path... Moderate Unreviewed
CVE-2024-54909 was published Feb 7, 2025
WhoDB has a path traversal opening Sqlite3 database Critical
CVE-2025-24786 was published for github.com/clidey/whodb/core (Go) Feb 6, 2025
nnsee modelorona
hkdeman
The Post and Page Builder by BoldGrid – Visual Drag and Drop Editor plugin for WordPress is... Moderate Unreviewed
CVE-2025-0859 was published Feb 6, 2025
IBM App Connect enterprise 12.0.1.0 through 12.0.12.10 and 13.0.1.0 through 13.0.2.1 could allow... Moderate Unreviewed
CVE-2025-0799 was published Feb 6, 2025
Browsershot Path Traversal High
CVE-2025-1022 was published for spatie/browsershot (Composer) Feb 5, 2025
Browsershot Local File Inclusion Moderate
CVE-2025-1026 was published for spatie/browsershot (Composer) Feb 5, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Files or... Moderate Unreviewed
CVE-2024-48019 was published Feb 4, 2025
A vulnerability in the web-based management interface of HPE Aruba Networking ClearPass Policy... Moderate Unreviewed
CVE-2025-23059 was published Feb 4, 2025
Vitest browser mode serves arbitrary files Moderate
CVE-2025-24963 was published for @vitest/browser (npm) Feb 4, 2025
sapphi-red
ChestnutCMS <=1.5.0 has a directory traversal vulnerability in contentcore.controller... High Unreviewed
CVE-2024-57451 was published Feb 3, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database