GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 24,759
Composer 5,034
Erlang 39
GitHub Actions 38
Go 2,680
Maven 6,120
npm 4,300
NuGet 760
pip 4,078
Pub 12
RubyGems 958
Rust 1,061
Swift 45

Unreviewed advisories

All unreviewed 278,151

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

132 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

Overview The product uses external input to construct a pathname that should be within a... Moderate Unreviewed

CVE-2025-24907 was published Apr 17, 2025

Path Traversal vulnerability in Quý Lê 91 Administrator Z allows Path Traversal. This issue... Moderate Unreviewed

CVE-2025-39598 was published Apr 16, 2025

Path Traversal vulnerability in NotFound WPJobBoard allows Path Traversal. This issue affects... Moderate Unreviewed

CVE-2025-30966 was published Apr 16, 2025

Path Traversal vulnerability in Trusty Plugins Shop Products Filter allows PHP Local File... High Unreviewed

CVE-2025-32585 was published Apr 11, 2025

SAP Capital Yield Tax Management has directory traversal vulnerability due to insufficient path... High Unreviewed

CVE-2025-30014 was published Apr 8, 2025

This vulnerability allows remote attackers to traverse paths via file upload on the affected LG... Moderate Unreviewed

CVE-2024-2863 was published Mar 25, 2024

Path Traversal vulnerability in Bit Apps Bit Assist allows Path Traversal. This issue affects Bit... High Unreviewed

CVE-2025-30834 was published Apr 1, 2025

Path Traversal vulnerability in NotFound GetShop ecommerce allows Path Traversal. This issue... High Unreviewed

CVE-2024-54362 was published Mar 28, 2025

Path Traversal vulnerability in wpjobportal WP Job Portal allows PHP Local File Inclusion. This... High Unreviewed

CVE-2025-26935 was published Feb 25, 2025

Path Traversal vulnerability in NotFound Pie Register Premium. This issue affects Pie Register... Moderate Unreviewed

CVE-2025-26940 was published Mar 16, 2025

Path Traversal vulnerability in NotFound GPX Viewer allows Path Traversal. This issue affects GPX... Moderate Unreviewed

CVE-2025-27274 was published Mar 3, 2025

Path Traversal vulnerability in ElementInvader ElementInvader Addons for Elementor allows PHP... High Unreviewed

CVE-2025-22786 was published Jan 15, 2025

Path Traversal vulnerability in NotFound WizShop allows PHP Local File Inclusion. This issue... High Unreviewed

CVE-2025-25122 was published Mar 3, 2025

A CWE-35 "Path Traversal" in maxtime/api/database/database.lua (copy endpoint) in Q-Free MaxTime... High Unreviewed

CVE-2025-26354 was published Feb 12, 2025

A CWE-35 "Path Traversal" in maxtime/api/database/database.lua in Q-Free MaxTime less than or... Moderate Unreviewed

CVE-2025-26357 was published Feb 12, 2025

A CWE-35 "Path Traversal" in maxtime/api/sql/sql.lua in Q-Free MaxTime less than or equal to... Moderate Unreviewed

CVE-2025-26353 was published Feb 12, 2025

A CWE-35 "Path Traversal" in the template deletion mechanism in Q-Free MaxTime less than or equal... Moderate Unreviewed

CVE-2025-26352 was published Feb 12, 2025

A CWE-35 "Path Traversal" in the template download mechanism in Q-Free MaxTime less than or equal... Moderate Unreviewed

CVE-2025-26351 was published Feb 12, 2025

A CWE-35 "Path Traversal" in maxtime/api/database/database.lua (setActive endpoint) in Q-Free... High Unreviewed

CVE-2025-26356 was published Feb 12, 2025

A CWE-35 "Path Traversal" in maxtime/api/database/database.lua in Q-Free MaxTime less than or... Moderate Unreviewed

CVE-2025-26355 was published Feb 12, 2025

A vulnerability was discovered in the firmware builds up to 8.2.1.0820 in Poly Edge E devices.... Moderate Unreviewed

CVE-2025-0858 was published Feb 5, 2025

A low privileged remote attacker can specify an arbitrary file on the filesystem which may lead... High Unreviewed

CVE-2024-41973 was published Nov 18, 2024

A low privileged remote attacker can overwrite an arbitrary file on the filesystem which may lead... Moderate Unreviewed

CVE-2024-41972 was published Nov 18, 2024

Path Traversal vulnerability in MORKVA Morkva UA Shipping allows PHP Local File Inclusion. This... High Unreviewed

CVE-2025-24685 was published Jan 27, 2025

Path Traversal vulnerability in SMSA Express SMSA Shipping allows Path Traversal.This issue... High Unreviewed

CVE-2024-49249 was published Jan 7, 2025

Previous 1…3…6 Next

Previous 1 2 3 4 5 6 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

132 advisories