Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,633
Erlang
34
GitHub Actions
25
Go
2,241
Maven
5,000+
npm
3,902
NuGet
701
pip
3,669
Pub
12
RubyGems
914
Rust
943
Swift
38
Unreviewed advisories
All unreviewed
5,000+

187 advisories

Loading
Umbraco has a Management API Vulnerability to Path Traversal With Authenticated Users High
CVE-2025-32017 was published for Umbraco.Cms (NuGet) Apr 9, 2025
ggisz
Ratta SuperNote A6 X2 Nomad before December 2024 allows remote code execution because an... High Unreviewed
CVE-2025-32409 was published Apr 8, 2025
Relative Path Traversal vulnerability in Cristián Lávaque s2Member allows Path Traversal. This... Moderate Unreviewed
CVE-2025-32137 was published Apr 4, 2025
A relative path traversal in Fortinet FortiSIEM versions 7.0.0, 6.7.0 through 6.7.2, 6.6.0... Critical Unreviewed
CVE-2023-40714 was published Apr 2, 2025
The Import Export Suite for CSV and XML Datafeed plugin for WordPress is vulnerable to arbitrary... High Unreviewed
CVE-2025-2007 was published Apr 1, 2025
Solon Vulnerable to Path Traversal Moderate
CVE-2025-2961 was published for org.noear:solon-view (Maven) Mar 31, 2025
Apache Commons VFS Has Relative Path Traversal Vulnerability High
CVE-2025-27553 was published for org.apache.commons:commons-vfs2 (Maven) Mar 23, 2025
An unauthorized file deletion vulnerability exists in the latest version of the Polyaxon platform... High Unreviewed
CVE-2024-9363 was published Mar 20, 2025
AgentScope path traversal vulnerability in save-workflow Critical
CVE-2024-8551 was published for agentscope (pip) Mar 20, 2025
A vulnerability in the sanitize_path function in parisneo/lollms-webui v10 - latest allows an... Moderate Unreviewed
CVE-2024-7058 was published Mar 20, 2025
Aim Relative Path Traversal vulnerability Moderate
CVE-2024-6483 was published for aim (pip) Mar 20, 2025
A path traversal vulnerability exists in the latest version of stangirard/quivr. This... Moderate Unreviewed
CVE-2024-6583 was published Mar 20, 2025
A path traversal vulnerability exists in the 'document uploads manager' feature of mintplex-labs... High Unreviewed
CVE-2024-10513 was published Mar 20, 2025
A vulnerability in the `start_app_server` function of parisneo/lollms-webui V12 (Strawberry)... Moderate Unreviewed
CVE-2024-10019 was published Mar 20, 2025
The API used to interact with documents in the application contains two endpoints with a flaw... High Unreviewed
CVE-2024-54449 was published Mar 14, 2025
The API used to interact with documents in the application contains a flaw that allows an... High Unreviewed
CVE-2024-12019 was published Mar 14, 2025
The WP Ghost (Hide My WP Ghost) – Security & Firewall plugin for WordPress is vulnerable to Path... High Unreviewed
CVE-2025-2056 was published Mar 14, 2025
NVIDIA Nemo Framework contains a vulnerability where a user could cause a relative path traversal... High Unreviewed
CVE-2025-23360 was published Mar 11, 2025
Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code... High Unreviewed
CVE-2025-26645 was published Mar 11, 2025
Local File Inclusion in Rack::Static High
CVE-2025-27610 was published for rack (RubyGems) Mar 10, 2025
Masamuneee jeremyevans
ioquatix
When uploading organism or sequence data via the web interface, GMOD Apollo will unzip and... Critical Unreviewed
CVE-2025-23410 was published Mar 5, 2025
Relative Path Traversal vulnerability in NotFound Delete Comments By Status allows PHP Local File... High Unreviewed
CVE-2025-25130 was published Mar 3, 2025
IBM Cognos Analytics 11.2.0 through 11.2.4 FP5 is vulnerable to local file inclusion... Moderate Unreviewed
CVE-2024-56340 was published Feb 28, 2025
Mautic allows Remote Code Execution and File Deletion in Asset Uploads Critical
CVE-2024-47051 was published for mautic/core (Composer) Feb 26, 2025
mallo-m patrykgruszka
A vulnerability was found in SourceCodester Best Church Management Software 1.0. It has been... Moderate Unreviewed
CVE-2025-1599 was published Feb 24, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database