Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
5,000+
Erlang
39
GitHub Actions
38
Go
2,680
Maven
5,000+
npm
4,300
NuGet
760
pip
4,078
Pub
12
RubyGems
958
Rust
1,061
Swift
45
Unreviewed advisories
All unreviewed
5,000+

132 advisories

Loading
A low privileged remote attacker can upload a new or overwrite an existing python script by using... High Unreviewed
CVE-2025-41736 was published Nov 18, 2025
Path Traversal: '.../...//' vulnerability in Dmitry V. (CEO of "UKR Solution") Barcode Scanner... High Unreviewed
CVE-2025-58972 was published Nov 6, 2025
Path Traversal: '.../...//' vulnerability in CocoBasic Blanka - One Page WordPress Theme blanka... High Unreviewed
CVE-2025-48090 was published Nov 6, 2025
Path Traversal: '.../...//' vulnerability in Mikado-Themes Wanderland wanderland allows PHP Local... Critical Unreviewed
CVE-2025-39467 was published Nov 6, 2025
Path Traversal: '.../...//' vulnerability in WPMU DEV - Your All-in-One WordPress Platform Smush... Moderate Unreviewed
CVE-2025-22288 was published Nov 6, 2025
An ACAP configuration file lacked sufficient input validation, which could allow a path traversal... Moderate Unreviewed
CVE-2025-5454 was published Nov 11, 2025
A path traversal vulnerability exists in rsync. It stems from behavior enabled by the `--inc... Moderate Unreviewed
CVE-2024-12087 was published Jan 14, 2025
A flaw was found in rsync. When using the `--safe-links` option, rsync fails to properly verify... Moderate Unreviewed
CVE-2024-12088 was published Jan 14, 2025
A Path Traversal vulnerability in the tftpsync/add and tftpsync/delete scripts allows a remote... High Unreviewed
CVE-2025-53880 was published Oct 30, 2025
Path Traversal vulnerability in opentext Flipper allows Absolute Path Traversal.  The... Moderate Unreviewed
CVE-2025-8051 was published Oct 20, 2025
The importFile SOAP method is vulnerable to a directory traversal attack. An unauthenticated... Critical Unreviewed
CVE-2025-41723 was published Oct 22, 2025
A path traversal vulnerability affecting the Windows version of WinRAR allows the attackers to... High Unreviewed
CVE-2025-8088 was published Aug 8, 2025
SAP Print Service (SAPSprint) performs insufficient validation of path information provided by... Critical Unreviewed
CVE-2025-42937 was published Oct 14, 2025
Dell PowerProtect Data Domain with Data Domain Operating System (DD OS) of Feature Release... Moderate Unreviewed
CVE-2025-43907 was published Oct 7, 2025
NLnet Labs’ Routinator vulnerable to path traversal Critical
CVE-2023-39916 was published for routinator (Rust) Sep 13, 2023
Path Traversal vulnerability in CodeManas Search with Typesense allows Path Traversal. This issue... Moderate Unreviewed
CVE-2025-26876 was published Feb 25, 2025
The File Manager plugin for WordPress is vulnerable to Directory Traversal in all versions up to,... Moderate Unreviewed
CVE-2024-2654 was published Apr 9, 2024
Multiple vulnerabilities in Cisco IOS XE Software of could allow an authenticated, local attacker... Moderate Unreviewed
CVE-2025-20313 was published Sep 24, 2025
Dell PowerProtect Data Manager, version(s) 19.19 and 19.20, Hyper-V contain(s) a Path Traversal: ... Moderate Unreviewed
CVE-2025-43886 was published Sep 10, 2025
Path Traversal vulnerability in Stefan Keller WooCommerce Payment Gateway for Saferpay allows... High Unreviewed
CVE-2025-48317 was published Sep 5, 2025
Path Traversal: '.../...//' vulnerability in AA-Team Pro Bulk Watermark Plugin for WordPress... Moderate Unreviewed
CVE-2025-4956 was published Aug 30, 2025
The Mobile Access Portal's File Share application is vulnerable to a directory traversal attack,... Moderate Unreviewed
CVE-2024-52885 was published Aug 6, 2025
Path Traversal: '.../...//' vulnerability in Printeers Printeers Print & Ship allows Path... Moderate Unreviewed
CVE-2025-48081 was published Aug 27, 2025
Path Traversal vulnerability in miniOrange Prevent files / folders access allows Path Traversal.... Moderate Unreviewed
CVE-2025-53561 was published Aug 20, 2025
Path Traversal vulnerability in BoldGrid Post and Page Builder by BoldGrid – Visual Drag and Drop... Moderate Unreviewed
CVE-2025-52712 was published Aug 14, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database