GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 23,470
Composer 4,827
Erlang 36
GitHub Actions 32
Go 2,441
Maven 5,838
npm 4,061
NuGet 723
pip 3,859
Pub 12
RubyGems 941
Rust 1,007
Swift 38

Unreviewed advisories

All unreviewed 265,512

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.

171 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Multiple relative path traversal vulnerabilities [CWE-23] in Fortinet FortiMail version 7.6.0... Moderate Unreviewed

CVE-2024-40588 was published Aug 12, 2025

A relative path traversal vulnerability [CWE-23] in FortiSOAR 7.6.0, 7.5.0 through 7.5.1, 7.4 all... Moderate Unreviewed

CVE-2024-48892 was published Aug 12, 2025

Relative path traversal in Windows Kerberos allows an authorized attacker to elevate privileges... High Unreviewed

CVE-2025-53779 was published Aug 12, 2025

A path traversal vulnerability in Vedo Suite 2024.17 allows remote authenticated attackers to... Moderate Unreviewed

CVE-2025-51052 was published Aug 6, 2025

An issue was discovered in Logpoint before 7.6.0. An attacker with operator privileges can... High Unreviewed

CVE-2025-54317 was published Jul 20, 2025

An 'Arbitrary File Deletion' in Samsung DMS(Data Management Server) allows attackers to delete... Moderate Unreviewed

CVE-2025-53082 was published Jul 29, 2025

In JetBrains TeamCity before 2025.07 path traversal was possible via plugin unpacking on Windows High Unreviewed

CVE-2025-54531 was published Jul 28, 2025

A path traversal vulnerability exists in the 'document uploads manager' feature of mintplex-labs... High Unreviewed

CVE-2024-10513 was published Mar 20, 2025

BatchSignCS, a background Windows application developed by WellChoose, has an Arbitrary File... High Unreviewed

CVE-2025-7619 was published Jul 14, 2025

Relative path traversal in Remote Desktop Client allows an unauthorized attacker to execute code... High Unreviewed

CVE-2025-48817 was published Jul 8, 2025

The iPublish System developed by Jhenggao has an Arbitrary File Reading vulnerability, allowing... High Unreviewed

CVE-2025-7146 was published Jul 8, 2025

Directory traversal vulnerability in the web server in SpecView 2.5 build 853 and earlier allows... Moderate Unreviewed

CVE-2012-5972 was published May 17, 2022

Directory traversal vulnerability in the Runtime Toolkit in CODESYS Runtime System 2.3.x and 2.4... High Unreviewed

CVE-2012-6069 was published May 17, 2022

PBXCoreREST/Controllers/Files/PostController.php in MikoPBX through 2024.1.114 allows uploading a... Critical Unreviewed

CVE-2025-52207 was published Jun 27, 2025

Innoshop through 0.4.1 allows directory traversal via FileManager API endpoints. An authenticated... High Unreviewed

CVE-2025-52922 was published Jun 23, 2025

Sitecore Experience Manager (XM), Experience Platform (XP), and Experience Commerce (XC) versions... High Unreviewed

CVE-2025-34510 was published Jun 17, 2025

IBM AIX 7.3 and IBM VIOS 4.1.1 Perl implementation could allow a non-privileged local user to... High Unreviewed

CVE-2025-33112 was published Jun 10, 2025

A vulnerability was found in ZKTeco ZKBio Media 2.0.0_x64_2024-01-29-1028. It has been classified... Moderate Unreviewed

CVE-2024-2318 was published Mar 8, 2024

A missing protection against path traversal allows to access any file on the server. Critical Unreviewed

CVE-2025-3365 was published Jun 6, 2025

DevExpress before 23.1.3 allows arbitrary TypeConverter conversion. Low Unreviewed

CVE-2023-35816 was published Apr 28, 2025

aerc before 93bec0d allows directory traversal in commands/msgview/open.go because of direct path... Moderate Unreviewed

CVE-2025-49466 was published Jun 5, 2025

In JetBrains TeamCity before 2023.11.4 path traversal allowing to perform limited admin actions ... High Unreviewed

CVE-2024-27199 was published Mar 4, 2024

All versions of the Medtronic 2090 Carelink Programmer are affected by a directory traversal... Moderate Unreviewed

CVE-2018-5448 was published May 13, 2022

In JetBrains TeamCity before 2025.03.1 improper path validation in loggingPreset parameter was... Moderate Unreviewed

CVE-2025-46433 was published Apr 25, 2025

In JetBrains IntelliJ IDEA before 2023.3.3 path traversal was possible when unpacking archives Low Unreviewed

CVE-2024-24940 was published Feb 6, 2024

Previous 1 2 3 4 5 6 7 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

171 advisories