Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

Filter advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
74
GitHub Actions
54
Go
4,134
Maven
5,000+
npm
5,000+
NuGet
1,013
pip
5,000+
Pub
13
RubyGems
1,095
Rust
1,419
Swift
61
Unreviewed advisories
All unreviewed
5,000+

173 advisories

Loading
survey-pdf Upgraded jsPDF Version Due to Security Vulnerability Critical
CVE-2026-25630 was published for survey-pdf (npm) Feb 4, 2026
A vulnerability in Brocade Fabric OS before 9.2.1c2 could allow an authenticated attacker with... Moderate Unreviewed
CVE-2025-58381 was published Feb 3, 2026
A vulnerability in Brocade Fabric OS before 9.2.1 could allow an authenticated attacker with... Moderate Unreviewed
CVE-2025-58380 was published Feb 3, 2026
The Access Manager is using the open source web server CompactWebServer written in C#. This web... High Unreviewed
CVE-2025-59099 was published Jan 26, 2026
Path Traversal: '.../...//' vulnerability in beeteam368 VidMov vidmov allows Path Traversal.This... High Unreviewed
CVE-2025-67914 was published Jan 8, 2026
Path Traversal: '.../...//' vulnerability in SigmaPlugin Advanced Database Cleaner PRO allows... Moderate Unreviewed
CVE-2025-46256 was published Jan 7, 2026
jsPDF has Local File Inclusion/Path Traversal vulnerability Critical
CVE-2025-68428 was published for jspdf (npm) Jan 5, 2026
kilkat Credited to kilkat
Path Traversal: '.../...//' vulnerability in AA-Team Pro Bulk Watermark Plugin for WordPress... Moderate Unreviewed
CVE-2025-28973 was published Dec 31, 2025
'.../...//' in Microsoft Purview allows an authorized attacker to execute code over a network. High Unreviewed
CVE-2025-64676 was published Dec 19, 2025
Path Traversal: '.../...//' vulnerability in WordPress.org Health Check & Troubleshooting health... Moderate Unreviewed
CVE-2025-64253 was published Dec 16, 2025
A Path Traversal vulnerability in usbmuxd allows local users to escalate to the service user.This... Moderate Unreviewed
CVE-2025-66004 was published Dec 10, 2025
A low privileged remote attacker can upload a new or overwrite an existing python script by using... High Unreviewed
CVE-2025-41736 was published Nov 18, 2025
An ACAP configuration file lacked sufficient input validation, which could allow a path traversal... Moderate Unreviewed
CVE-2025-5454 was published Nov 11, 2025
Path Traversal: '.../...//' vulnerability in Dmitry V. (CEO of "UKR Solution") Barcode Scanner... High Unreviewed
CVE-2025-58972 was published Nov 6, 2025
Path Traversal: '.../...//' vulnerability in CocoBasic Blanka - One Page WordPress Theme blanka... High Unreviewed
CVE-2025-48090 was published Nov 6, 2025
Path Traversal: '.../...//' vulnerability in Mikado-Themes Wanderland wanderland allows PHP Local... Critical Unreviewed
CVE-2025-39467 was published Nov 6, 2025
Path Traversal: '.../...//' vulnerability in WPMU DEV - Your All-in-One WordPress Platform Smush... Moderate Unreviewed
CVE-2025-22288 was published Nov 6, 2025
A Path Traversal vulnerability in the tftpsync/add and tftpsync/delete scripts allows a remote... High Unreviewed
CVE-2025-53880 was published Oct 30, 2025
The importFile SOAP method is vulnerable to a directory traversal attack. An unauthenticated... Critical Unreviewed
CVE-2025-41723 was published Oct 22, 2025
Path Traversal vulnerability in opentext Flipper allows Absolute Path Traversal.  The... Moderate Unreviewed
CVE-2025-8051 was published Oct 20, 2025
SAP Print Service (SAPSprint) performs insufficient validation of path information provided by... Critical Unreviewed
CVE-2025-42937 was published Oct 14, 2025
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release... Moderate Unreviewed
CVE-2025-43907 was published Oct 7, 2025
Multiple vulnerabilities in Cisco IOS XE Software of could allow an authenticated, local attacker... Moderate Unreviewed
CVE-2025-20313 was published Sep 24, 2025
Dell PowerProtect Data Manager, version(s) 19.19 and 19.20, Hyper-V contain(s) a Path Traversal: ... Moderate Unreviewed
CVE-2025-43886 was published Sep 10, 2025
Path Traversal vulnerability in Stefan Keller WooCommerce Payment Gateway for Saferpay allows... High Unreviewed
CVE-2025-48317 was published Sep 5, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database