Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,667
Maven
5,000+
npm
4,295
NuGet
760
pip
4,073
Pub
12
RubyGems
957
Rust
1,057
Swift
45
Unreviewed advisories
All unreviewed
5,000+

258 advisories

Loading
A Path Traversal vulnerability has been identified in the Email Security appliance allows an... Moderate Unreviewed
CVE-2025-40605 was published Nov 20, 2025
Astro Development Server has Arbitrary Local File Read Low
CVE-2025-64757 was published for astro (npm) Nov 19, 2025
monizb Princesseuh
delucis ematipico
Credited to monizb, Princesseuh, delucis, and ematipico
A vulnerability was found in code-projects Email Logging Interface 2.0. Affected is an unknown... Moderate Unreviewed
CVE-2025-13199 was published Nov 15, 2025
PrivateBin's template-switching feature allows arbitrary local file inclusion through path traversal Moderate
CVE-2025-64714 was published for privatebin/privatebin (Composer) Nov 14, 2025
esnard elrido
rugk
Credited to esnard, elrido, and rugk
A relative path traversal vulnerability in Fortinet FortiWeb 8.0.0 through 8.0.1, FortiWeb 7.6.0... Critical Unreviewed
CVE-2025-64446 was published Nov 14, 2025
IQ-Support developed by IQ Service International has an Arbitrary File Read vulnerability,... High Unreviewed
CVE-2025-13161 was published Nov 14, 2025
A relative path traversal vulnerability has been reported to affect Download Station. If a remote... Low Unreviewed
CVE-2025-58463 was published Nov 7, 2025
A relative path traversal vulnerability has been reported to affect QuMagie. If a remote attacker... High Unreviewed
CVE-2025-58464 was published Nov 7, 2025
Dell Secure Connect Gateway (SCG) 5.0 Application and Appliance version(s) 5.26.00.00 - 5.30.00... Moderate Unreviewed
CVE-2025-46363 was published Oct 30, 2025
Apache Tomcat Vulnerable to Relative Path Traversal High
CVE-2025-55752 was published for org.apache.tomcat.embed:tomcat-embed-core (Maven) Oct 27, 2025
aruneko tkwilli94
Credited to aruneko and tkwilli94
A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4... Moderate Unreviewed
CVE-2025-59776 was published Oct 24, 2025
A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4... High Unreviewed
CVE-2025-58429 was published Oct 24, 2025
A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4... Moderate Unreviewed
CVE-2025-60023 was published Oct 24, 2025
A relative path traversal (ZipSlip) vulnerability was discovered in Productivity Suite software... High Unreviewed
CVE-2025-62498 was published Oct 24, 2025
A relative path traversal vulnerability was discovered in Productivity Suite software version 4... High Unreviewed
CVE-2025-58078 was published Oct 24, 2025
A relative path traversal vulnerability was discovered in Productivity Suite software version 4... High Unreviewed
CVE-2025-58456 was published Oct 24, 2025
Agentflow developed by Flowring has an Arbitrary File Reading vulnerability, allowing... High Unreviewed
CVE-2025-11898 was published Oct 17, 2025
Argo Workflow has a Zipslip Vulnerability High
CVE-2025-62156 was published for github.com/argoproj/argo-workflows/v3 (Go) Oct 14, 2025
im-soohyun J1vvoo
Credited to im-soohyun and J1vvoo
The Slider Revolution plugin for WordPress is vulnerable to unauthorized access and modification... Moderate Unreviewed
CVE-2025-10249 was published Oct 9, 2025
In Ankitects Anki before 25.02.6, crafted sound file references could cause files to be written... Low Unreviewed
CVE-2025-62187 was published Oct 7, 2025
Django vulnerable to partial directory traversal via archives Low
CVE-2025-59682 was published for django (pip) Oct 1, 2025
nncp before 8.12.0 allows path traversal (for reading or writing) during freqing and file saving... Moderate Unreviewed
CVE-2025-60020 was published Sep 24, 2025
The eHRD CTMS developed by Sunnet has an Arbitrary File Reading vulnerability, allowing remote... Moderate Unreviewed
CVE-2025-9570 was published Sep 23, 2025
esm.sh has File Inclusion issue High
CVE-2025-59341 was published for github.com/esm-dev/esm.sh (Go) Sep 17, 2025
j3ssie
Credited to j3ssie
In JetBrains TeamCity before 2025.07.2 path traversal was possible during project archive upload Moderate Unreviewed
CVE-2025-59456 was published Sep 17, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database