Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,333
Erlang
31
GitHub Actions
22
Go
2,095
Maven
5,000+
npm
3,760
NuGet
678
pip
3,446
Pub
12
RubyGems
892
Rust
882
Swift
37
Unreviewed advisories
All unreviewed
5,000+

2,735 advisories

Loading
IBM Cloud Pak System 2.3.3.6, 2.3.3.6 iFix1, 2.3.3.6 iFix2, 2.3.3.7, 2.3.3.7 iFix1, and 2.3.4.0... Moderate Unreviewed
CVE-2023-38012 was published Jan 25, 2025
The ABC Notation plugin for WordPress is vulnerable to Path Traversal in all versions up to, and... Moderate Unreviewed
CVE-2024-13550 was published Jan 25, 2025
The Connections Business Directory plugin for WordPress is vulnerable to arbitrary directory... Moderate Unreviewed
CVE-2024-12885 was published Jan 25, 2025
A vulnerability, which was classified as problematic, has been found in JoeyBling bootplus up to... Moderate Unreviewed
CVE-2025-0703 was published Jan 24, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2025-24611 was published Jan 24, 2025
Arbitrary file upload, deletion and read through header manipulation Moderate Unreviewed
CVE-2024-55926 was published Jan 23, 2025
BigFix Patch Download Plug-ins are affected by path traversal vulnerability. The application... Moderate Unreviewed
CVE-2024-42187 was published Jan 23, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in... Moderate Unreviewed
CVE-2025-23562 was published Jan 22, 2025
Input validation vulnerability in Qualifio's Wheel of Fortune. This vulnerability could allow an... Moderate Unreviewed
CVE-2025-0614 was published Jan 21, 2025
Input validation vulnerability in Qualifio's Wheel of Fortune. This vulnerability allows an... Moderate Unreviewed
CVE-2025-0615 was published Jan 21, 2025
IBM Maximo MXAPIASSET API 7.6.1.3 could allow a remote attacker to traverse directories on the... Moderate Unreviewed
CVE-2024-45652 was published Jan 19, 2025
The Eventer plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and... Moderate Unreviewed
CVE-2024-10799 was published Jan 17, 2025
IBM InfoSphere Information Server 11.7 could allow a remote attacker to traverse directories on... Moderate Unreviewed
CVE-2024-52363 was published Jan 17, 2025
A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet... Moderate Unreviewed
CVE-2024-48885 was published Jan 16, 2025
A path handling issue was addressed with improved logic. This issue is fixed in watchOS 11.1,... Moderate Unreviewed
CVE-2024-54535 was published Jan 15, 2025
A vulnerability has been found in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6... Moderate Unreviewed
CVE-2025-0461 was published Jan 14, 2025
A improper limitation of a pathname to a restricted directory ('path traversal') [CWE-23] in... Moderate Unreviewed
CVE-2024-47566 was published Jan 14, 2025
An improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet... Moderate Unreviewed
CVE-2024-33502 was published Jan 14, 2025
A relative path traversal vulnerability [CWE-23] in Fortinet FortiManager version 7.4.0 through... Moderate Unreviewed
CVE-2024-32115 was published Jan 14, 2025
Path Traversal Vulnerabilities (CWE-22) exist in NJ/NX-series Machine Automation Controllers. An... Moderate Unreviewed
CVE-2024-12083 was published Jan 14, 2025
Pat Infinite Solutions HelpdeskAdvanced <= 11.0.33 is vulnerable to Directory Traversal.... Moderate Unreviewed
CVE-2023-42229 was published Jan 14, 2025
A vulnerability classified as critical has been found in 1902756969 reggie 1.0. Affected is the... Moderate Unreviewed
CVE-2025-0401 was published Jan 13, 2025
keras Path Traversal vulnerability Moderate
CVE-2024-55459 was published for keras (pip) Jan 8, 2025
Soft Serve vulnerable to path traversal attacks Moderate
CVE-2025-22130 was published for github.com/charmbracelet/soft-serve (Go) Jan 8, 2025
The InfiniteWP Client plugin for WordPress is vulnerable to Path Traversal in all versions up to,... Moderate Unreviewed
CVE-2024-10585 was published Jan 8, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database