GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
All reviewed: 5,000+
Composer: 4,968
Erlang: 39
GitHub Actions: 38
Go: 2,616
Maven: 5,000+
npm: 4,255
NuGet: 760
pip: 4,040
Pub: 12
RubyGems: 953
Rust: 1,050
Swift: 45

Unreviewed advisories
All unreviewed: 5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
685 advisories
                    
The ShopLentor – WooCommerce Builder for Elementor & Gutenberg +21 Modules – All in One Solution ...
Critical | Unreviewed | CVE-2025-12493 was published Nov 4, 2025
                    
Vulnerable Upgrade Feature (Arbitrary File Write) may lead to obtaining super user permissions on...
Critical | Unreviewed | CVE-2025-12422 was published Oct 28, 2025
                    
A path traversal vulnerability in all versions of the Windsurf IDE enables a threat actor to read...
Critical | Unreviewed | CVE-2025-62353 was published Oct 17, 2025
                    
The WooCommerce Designer Pro plugin for WordPress, used by the Pricom - Printing Company & Design...
Critical | Unreviewed | CVE-2025-6439 was published Oct 11, 2025
                    
The WP Travel Engine – Tour Booking Plugin – Tour Operator Software plugin for WordPress is...
Critical | Unreviewed | CVE-2025-7526 was published Oct 9, 2025
                    
Vulnerability in the Oracle Concurrent Processing product of Oracle E-Business Suite (component:...
Critical | Unreviewed | CVE-2025-61882 was published Oct 5, 2025
                    
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal'), Unrestricted...
Critical | Unreviewed | CVE-2025-11221 was published Oct 2, 2025
                    
A path traversal vulnerability in Novakon P series allows to expose the root file system "/" and...
Critical | Unreviewed | CVE-2025-9963 was published Sep 23, 2025
                    
A directory traversal issue in Swetrix Web Analytics API 3.1.1 before 7d8b972 allows a remote...
Critical | Unreviewed | CVE-2025-59304 was published Sep 17, 2025
                    
Delta Electronics DIALink has a Directory Traversal Authentication Bypass Vulnerability.
Critical | Unreviewed | CVE-2025-58321 was published Sep 11, 2025
                    
ColdFusion versions 2025.3, 2023.15, 2021.21 and earlier are affected by an Improper Limitation...
Critical | Unreviewed | CVE-2025-54261 was published Sep 9, 2025
                    
ITCube CRM in versions from 2023.2 through 2025.2 is vulnerable to path traversal....
Critical | Unreviewed | CVE-2025-5993 was published Sep 8, 2025
                    
QiAnXin TianQing Management Center versions up to and including 6.7.0.4130 contain a path...
Critical | Unreviewed | CVE-2024-13984 was published Aug 28, 2025
                    
LiveBOS, an object-oriented business architecture middleware suite developed by Apex Software Co....
Critical | Unreviewed | CVE-2024-13981 was published Aug 28, 2025
                    
A path traversal vulnerability exists in the Dahua Smart Park Integrated Management Platform ...
Critical | Unreviewed | CVE-2023-7309 was published Aug 28, 2025
                    
n8n-workflows Main Commit ee25413 allows attackers to execute a directory traversal via the...
Critical | Unreviewed | CVE-2025-55526 was published Aug 26, 2025
                    
A path traversal vulnerability in unauthenticated upload functionality allows a malicious actor...
Critical | Unreviewed | CVE-2025-53120 was published Aug 26, 2025
                    
A path traversal vulnerability in the NPM package installation process of Google Cloud Dataform...
Critical | Unreviewed | CVE-2025-9118 was published Aug 25, 2025
                    
The WP Webhooks plugin for WordPress is vulnerable to arbitrary file copy due to missing...
Critical | Unreviewed | CVE-2025-8895 was published Aug 21, 2025
                    
A Path Traversal vulnerability in AllSky v2023.05.01_04 allows an unauthenticated attacker to...
Critical | Unreviewed | CVE-2024-44373 was published Aug 19, 2025
                    
Umbraco CMS versions prior to 4.7.1 are vulnerable to unauthenticated remote code execution via...
Critical | Unreviewed | CVE-2012-10054 was published Aug 13, 2025
                    
UnForm Server Manager versions prior to 10.1.12 expose an unauthenticated file read vulnerability...
Critical | Unreviewed | CVE-2025-34154 was published Aug 13, 2025
                    
QuickShare File Server 1.2.1 contains a path traversal vulnerability in its FTP service due to...
Critical | Unreviewed | CVE-2011-10010 was published Aug 13, 2025
                    
In Xerox FreeFlow Core version 8.0.4, an attacker can exploit a Path Traversal vulnerability to...
Critical | Unreviewed | CVE-2025-8356 was published Aug 8, 2025
                    
A vulnerability in the NuPoint Unified Messaging (NPM) component of Mitel MiCollab through 9.8...
Critical | Unreviewed | CVE-2025-52913 was published Aug 8, 2025
        
ProTip! Advisories are also available from the GraphQL API.