GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

All reviewed 30,628
Composer 5,817
Erlang 61
GitHub Actions 50
Go 3,821
Maven 6,571
npm 6,204
NuGet 939
pip 5,090
Pub 13
RubyGems 1,059
Rust 1,357
Swift 54

Unreviewed advisories

All unreviewed 302,673

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Filter advisories

GitHub reviewed advisories

Unreviewed advisories

All unreviewed

5,000+

163 advisories

Filter by severity

Uh oh!

There was an error while loading. Please reload this page.

Sort by

Newest

Oldest

Recently updated

Least recently updated

SAP Capital Yield Tax Management has directory traversal vulnerability due to insufficient path... High Unreviewed

CVE-2025-30014 was published Apr 8, 2025

Path Traversal vulnerability in Bit Apps Bit Assist allows Path Traversal. This issue affects Bit... High Unreviewed

CVE-2025-30834 was published Apr 1, 2025

Path Traversal vulnerability in NotFound GetShop ecommerce allows Path Traversal. This issue... High Unreviewed

CVE-2024-54362 was published Mar 28, 2025

Path Traversal vulnerability in NotFound Pie Register Premium. This issue affects Pie Register... Moderate Unreviewed

CVE-2025-26940 was published Mar 16, 2025

Path Traversal vulnerability in NotFound GPX Viewer allows Path Traversal. This issue affects GPX... Moderate Unreviewed

CVE-2025-27274 was published Mar 3, 2025

Path Traversal vulnerability in NotFound WizShop allows PHP Local File Inclusion. This issue... High Unreviewed

CVE-2025-25122 was published Mar 3, 2025

Path Traversal vulnerability in wpjobportal WP Job Portal allows PHP Local File Inclusion. This... High Unreviewed

CVE-2025-26935 was published Feb 25, 2025

Path Traversal vulnerability in CodeManas Search with Typesense allows Path Traversal. This issue... Moderate Unreviewed

CVE-2025-26876 was published Feb 25, 2025

A CWE-35 "Path Traversal" in maxtime/api/database/database.lua in Q-Free MaxTime less than or... Moderate Unreviewed

CVE-2025-26355 was published Feb 12, 2025

A CWE-35 "Path Traversal" in maxtime/api/database/database.lua in Q-Free MaxTime less than or... Moderate Unreviewed

CVE-2025-26357 was published Feb 12, 2025

A CWE-35 "Path Traversal" in maxtime/api/database/database.lua (setActive endpoint) in Q-Free... High Unreviewed

CVE-2025-26356 was published Feb 12, 2025

A CWE-35 "Path Traversal" in the template download mechanism in Q-Free MaxTime less than or equal... Moderate Unreviewed

CVE-2025-26351 was published Feb 12, 2025

A CWE-35 "Path Traversal" in maxtime/api/sql/sql.lua in Q-Free MaxTime less than or equal to... Moderate Unreviewed

CVE-2025-26353 was published Feb 12, 2025

A CWE-35 "Path Traversal" in the template deletion mechanism in Q-Free MaxTime less than or equal... Moderate Unreviewed

CVE-2025-26352 was published Feb 12, 2025

A CWE-35 "Path Traversal" in maxtime/api/database/database.lua (copy endpoint) in Q-Free MaxTime... High Unreviewed

CVE-2025-26354 was published Feb 12, 2025

A vulnerability was discovered in the firmware builds up to 8.2.1.0820 in Poly Edge E devices.... Moderate Unreviewed

CVE-2025-0858 was published Feb 5, 2025

Improper handling of input variables lead to multiple path traversal vulnerabilities in the... High Unreviewed

CVE-2025-22205 was published Feb 4, 2025

Path Traversal vulnerability in MORKVA Morkva UA Shipping allows PHP Local File Inclusion. This... High Unreviewed

CVE-2025-24685 was published Jan 27, 2025

Path Traversal vulnerability in ElementInvader ElementInvader Addons for Elementor allows PHP... High Unreviewed

CVE-2025-22786 was published Jan 15, 2025

A flaw was found in rsync. When using the `--safe-links` option, rsync fails to properly verify... Moderate Unreviewed

CVE-2024-12088 was published Jan 14, 2025

A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc... Moderate Unreviewed

CVE-2024-12087 was published Jan 14, 2025

Path Traversal vulnerability in SMSA Express SMSA Shipping allows Path Traversal.This issue... High Unreviewed

CVE-2024-49249 was published Jan 7, 2025

Path Traversal: '.../...//' vulnerability in VibeThemes WPLMS allows Path Traversal.This issue... Critical Unreviewed

CVE-2024-56045 was published Dec 31, 2024

Path Traversal: '.../...//' vulnerability in Themewinter Eventin allows Path Traversal.This issue... Moderate Unreviewed

CVE-2024-56213 was published Dec 31, 2024

Path Traversal: '.../...//' vulnerability in DeluxeThemes Userpro allows Path Traversal.This... High Unreviewed

CVE-2024-56214 was published Dec 31, 2024

Previous 1…4…7 Next

Previous 1 2 3 4 5 6 7 Next

ProTip! Advisories are also available from the GraphQL API

CC-BY-4.0 License

Language support

About GitHub Advisory Database

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

GitHub Advisory Database

GitHub reviewed advisories

Unreviewed advisories

163 advisories