Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,466
Erlang
33
GitHub Actions
23
Go
2,166
Maven
5,000+
npm
3,830
NuGet
696
pip
3,507
Pub
12
RubyGems
909
Rust
904
Swift
38
Unreviewed advisories
All unreviewed
5,000+

6,569 advisories

Loading
Directory Traversal vulnerability in Zrlog backup-sql-file.jar v.3.0.31 allows a remote attacker... High Unreviewed
CVE-2024-57669 was published Feb 3, 2025
S3Proxy allows insecure path traversal in filesystem and filesystem-nio2 storage backends Moderate
CVE-2025-24961 was published for org.gaul:s3proxy (Maven) Feb 3, 2025
xbow-security
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-24569 was published Feb 3, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2025-24605 was published Feb 3, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... High Unreviewed
CVE-2025-23819 was published Feb 3, 2025
A vulnerability classified as critical was found in CmsEasy 7.7.7.9. This vulnerability affects... Moderate Unreviewed
CVE-2025-0973 was published Feb 3, 2025
The Jupiter X Core plugin for WordPress is vulnerable to Directory Traversal in all versions up... Moderate Unreviewed
CVE-2025-0365 was published Feb 1, 2025
Dell PowerProtect DD versions prior to DDOS 8.3.0.0, 7.10.1.50, and 7.13.1.20 contain a path... High Unreviewed
CVE-2024-51534 was published Feb 1, 2025
An issue found in the Copy and View functions in the File Manager component of OpenPanel v0.3.4... High Unreviewed
CVE-2024-53582 was published Jan 31, 2025
An issue in OpenPanel v0.3.4 to v0.2.1 allows attackers to execute a directory traversal in File... High Unreviewed
CVE-2024-53537 was published Jan 31, 2025
The MultiVendorX – The Ultimate WooCommerce Multivendor Marketplace Solution plugin for WordPress... Critical Unreviewed
CVE-2025-0493 was published Jan 31, 2025
Sante PACS Server DCM File Parsing Directory Traversal Arbitrary File Write Vulnerability. This... Moderate Unreviewed
CVE-2025-0573 was published Jan 30, 2025
Sante PACS Server Web Portal DCM File Parsing Directory Traversal Arbitrary File Write... Moderate Unreviewed
CVE-2025-0572 was published Jan 30, 2025
The Music Sheet Viewer plugin for WordPress is vulnerable to Arbitrary File Read in all versions... High Unreviewed
CVE-2024-13671 was published Jan 30, 2025
DevDojo Voyager vulnerable to path traversal High
CVE-2024-55415 was published for tcg/voyager (Composer) Jan 30, 2025
The WP Image Uploader plugin for WordPress is vulnerable to arbitrary file deletion due to... High Unreviewed
CVE-2024-13720 was published Jan 30, 2025
Deep Java Library path traversal issue Critical
CVE-2025-0851 was published for ai.djl:api (Maven) Jan 29, 2025
CRI-O Path Traversal vulnerability Moderate
CVE-2025-0750 was published for github.com/cri-o/cri-o (Go) Jan 28, 2025
A vulnerability has been identified in Node.js, specifically affecting the handling of drive... Moderate Unreviewed
CVE-2025-23084 was published Jan 28, 2025
CMSimple 5.16 allows the user to read cms source code through manipulation of the file name in... High Unreviewed
CVE-2024-57549 was published Jan 28, 2025
Local privilege escalation due to incorrect assignment of privileges of temporary files in the... High Unreviewed
CVE-2025-0542 was published Jan 25, 2025
IBM Cloud Pak System 2.3.3.6, 2.3.3.6 iFix1, 2.3.3.6 iFix2, 2.3.3.7, 2.3.3.7 iFix1, and 2.3.4.0... Moderate Unreviewed
CVE-2023-38012 was published Jan 25, 2025
The ABC Notation plugin for WordPress is vulnerable to Path Traversal in all versions up to, and... Moderate Unreviewed
CVE-2024-13550 was published Jan 25, 2025
The Connections Business Directory plugin for WordPress is vulnerable to arbitrary directory... Moderate Unreviewed
CVE-2024-12885 was published Jan 25, 2025
A vulnerability, which was classified as problematic, has been found in JoeyBling bootplus up to... Moderate Unreviewed
CVE-2025-0703 was published Jan 24, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database