Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,826
Erlang
36
GitHub Actions
32
Go
2,426
Maven
5,000+
npm
4,058
NuGet
723
pip
3,848
Pub
12
RubyGems
934
Rust
1,006
Swift
38
Unreviewed advisories
All unreviewed
5,000+

219 advisories

Loading
A path traversal vulnerability in Vedo Suite 2024.17 allows remote authenticated attackers to... Moderate Unreviewed
CVE-2025-51052 was published Aug 6, 2025
An issue was discovered in Logpoint before 7.6.0. An attacker with operator privileges can... High Unreviewed
CVE-2025-54317 was published Jul 20, 2025
An 'Arbitrary File Deletion' in Samsung DMS(Data Management Server) allows attackers to delete... Moderate Unreviewed
CVE-2025-53082 was published Jul 29, 2025
In JetBrains TeamCity before 2025.07 path traversal was possible via plugin unpacking on Windows High Unreviewed
CVE-2025-54531 was published Jul 28, 2025
Assemblyline 4 service client vulnerable to Arbitrary Write through path traversal in Client code Critical
GHSA-75jv-vfxf-3865 was published for assemblyline-service-client (pip) Jul 25, 2025
serexp
Filemanager is vulnerable to Relative Path Traversal through filemanager.php Moderate
CVE-2025-46002 was published for simogeo/filemanager (Composer) Jul 18, 2025
A path traversal vulnerability exists in the 'document uploads manager' feature of mintplex-labs... High Unreviewed
CVE-2024-10513 was published Mar 20, 2025
BatchSignCS, a background Windows application developed by WellChoose, has an Arbitrary File... High Unreviewed
CVE-2025-7619 was published Jul 14, 2025
Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code... High Unreviewed
CVE-2025-48817 was published Jul 8, 2025
The iPublish System developed by Jhenggao has an Arbitrary File Reading vulnerability, allowing... High Unreviewed
CVE-2025-7146 was published Jul 8, 2025
Directory traversal vulnerability in the web server in SpecView 2.5 build 853 and earlier allows... Moderate Unreviewed
CVE-2012-5972 was published May 17, 2022
Directory traversal vulnerability in the Runtime Toolkit in CODESYS Runtime System 2.3.x and 2.4... High Unreviewed
CVE-2012-6069 was published May 17, 2022
raspap-webgui has a Directory Traversal vulnerability High
CVE-2025-44163 was published for billz/raspap-webgui (Composer) Jun 27, 2025
AstrBot Has Path Traversal Vulnerability in /api/chat/get_file High
CVE-2025-48957 was published for astrbot (pip) Jun 4, 2025
7resp4ss Soulter
Raven95676
PBXCoreREST/Controllers/Files/PostController.php in MikoPBX through 2024.1.114 allows uploading a... Critical Unreviewed
CVE-2025-52207 was published Jun 27, 2025
Innoshop through 0.4.1 allows directory traversal via FileManager API endpoints. An authenticated... High Unreviewed
CVE-2025-52922 was published Jun 23, 2025
Sitecore Experience Manager (XM), Experience Platform (XP), and Experience Commerce (XC) versions... High Unreviewed
CVE-2025-34510 was published Jun 17, 2025
IBM AIX 7.3 and IBM VIOS 4.1.1 Perl implementation could allow a non-privileged local user to... High Unreviewed
CVE-2025-33112 was published Jun 10, 2025
A vulnerability was found in ZKTeco ZKBio Media 2.0.0_x64_2024-01-29-1028. It has been classified... Moderate Unreviewed
CVE-2024-2318 was published Mar 8, 2024
A missing protection against path traversal allows to access any file on the server. Critical Unreviewed
CVE-2025-3365 was published Jun 6, 2025
DevExpress before 23.1.3 allows arbitrary TypeConverter conversion. Low Unreviewed
CVE-2023-35816 was published Apr 28, 2025
aerc before 93bec0d allows directory traversal in commands/msgview/open.go because of direct path... Moderate Unreviewed
CVE-2025-49466 was published Jun 5, 2025
In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions ... High Unreviewed
CVE-2024-27199 was published Mar 4, 2024
All versions of the Medtronic 2090 Carelink Programmer are affected by a directory traversal... Moderate Unreviewed
CVE-2018-5448 was published May 13, 2022
In JetBrains TeamCity before 2025.03.1 improper path validation in loggingPreset parameter was... Moderate Unreviewed
CVE-2025-46433 was published Apr 25, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database