Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,324
Erlang
31
GitHub Actions
21
Go
2,087
Maven
5,000+
npm
3,751
NuGet
674
pip
3,437
Pub
12
RubyGems
892
Rust
881
Swift
37
Unreviewed advisories
All unreviewed
5,000+

6,383 advisories

Loading
The Eventer plugin for WordPress is vulnerable to Directory Traversal in all versions up to, and... Moderate Unreviewed
CVE-2024-10799 was published Jan 17, 2025
IBM InfoSphere Information Server 11.7 could allow a remote attacker to traverse directories on... Moderate Unreviewed
CVE-2024-52363 was published Jan 17, 2025
A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet... Moderate Unreviewed
CVE-2024-48885 was published Jan 16, 2025
SimpleHelp remote support software v5.5.7 and before is vulnerable to multiple path traversal... High Unreviewed
CVE-2024-57727 was published Jan 16, 2025
A path handling issue was addressed with improved logic. This issue is fixed in watchOS 11.1,... Moderate Unreviewed
CVE-2024-54535 was published Jan 15, 2025
An unbounded resource search path in Ivanti EPM before the 2024 January-2025 Security Update and... High Unreviewed
CVE-2024-13158 was published Jan 14, 2025
Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker... High Unreviewed
CVE-2024-13179 was published Jan 14, 2025
Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker... High Unreviewed
CVE-2024-13180 was published Jan 14, 2025
Path Traversal in Ivanti Avalanche before version 6.4.7 allows a remote unauthenticated attacker... High Unreviewed
CVE-2024-13181 was published Jan 14, 2025
A vulnerability has been found in Shanghai Lingdang Information Technology Lingdang CRM up to 8.6... Moderate Unreviewed
CVE-2025-0461 was published Jan 14, 2025
Multiple directory traversal vulnerabilities exist in the nas.cgi add_dir() functionality of... Critical Unreviewed
CVE-2024-39786 was published Jan 14, 2025
Multiple directory traversal vulnerabilities exist in the nas.cgi add_dir() functionality of... Critical Unreviewed
CVE-2024-39787 was published Jan 14, 2025
A improper limitation of a pathname to a restricted directory ('path traversal') [CWE-23] in... Moderate Unreviewed
CVE-2024-47566 was published Jan 14, 2025
A improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet... High Unreviewed
CVE-2024-48884 was published Jan 14, 2025
An improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet... High Unreviewed
CVE-2024-36512 was published Jan 14, 2025
An improper limitation of a pathname to a restricted directory ('path traversal') in Fortinet... Moderate Unreviewed
CVE-2024-33502 was published Jan 14, 2025
A relative path traversal vulnerability [CWE-23] in Fortinet FortiManager version 7.4.0 through... Moderate Unreviewed
CVE-2024-32115 was published Jan 14, 2025
Path Traversal Vulnerabilities (CWE-22) exist in NJ/NX-series Machine Automation Controllers. An... Moderate Unreviewed
CVE-2024-12083 was published Jan 14, 2025
A vulnerability classified as critical has been found in 1902756969 reggie 1.0. Affected is the... Moderate Unreviewed
CVE-2025-0401 was published Jan 13, 2025
The Post Grid Master – Custom Post Types, Taxonomies & Ajax Filter Everything with Infinite... Critical Unreviewed
CVE-2024-11642 was published Jan 9, 2025
The Permission Model assumes that any path starting with two backslashes \ has a four-character... Low Unreviewed
CVE-2024-37372 was published Jan 9, 2025
keras Path Traversal vulnerability Moderate
CVE-2024-55459 was published for keras (pip) Jan 8, 2025
Soft Serve vulnerable to path traversal attacks Moderate
CVE-2025-22130 was published for github.com/charmbracelet/soft-serve (Go) Jan 8, 2025
The WordPress File Upload plugin for WordPress is vulnerable to Path Traversal in all versions up... High Unreviewed
CVE-2024-9939 was published Jan 8, 2025
The InfiniteWP Client plugin for WordPress is vulnerable to Path Traversal in all versions up to,... Moderate Unreviewed
CVE-2024-10585 was published Jan 8, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database