Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,714
Erlang
34
GitHub Actions
28
Go
2,301
Maven
5,000+
npm
3,942
NuGet
711
pip
3,711
Pub
12
RubyGems
920
Rust
960
Swift
38
Unreviewed advisories
All unreviewed
5,000+

99 advisories

Loading
Path Traversal: '.../...//' vulnerability in ctltwp Section Widget allows Path Traversal.This... Moderate Unreviewed
CVE-2025-46441 was published May 19, 2025
Path Traversal: '.../...//' vulnerability in bslthemes Tastyc allows PHP Local File Inclusion... High Unreviewed
CVE-2025-27010 was published May 19, 2025
Path Traversal vulnerability in WHMPress WHMpress allows Path Traversal. This issue affects... High Unreviewed
CVE-2025-39491 was published May 16, 2025
Path Traversal vulnerability in WHMPress WHMpress allows Relative Path Traversal. This issue... High Unreviewed
CVE-2025-39492 was published May 16, 2025
A vulnerability has been identified in SCALANCE LPE9403 (6GK5998-3GS00-2AC2) (All versions).... Moderate Unreviewed
CVE-2025-40573 was published May 13, 2025
Path Traversal vulnerability in ilmosys Open Close WooCommerce Store allows PHP Local File... High Unreviewed
CVE-2025-47649 was published May 7, 2025
Path Traversal vulnerability in Fernando Briano List category posts allows PHP Local File... High Unreviewed
CVE-2025-47636 was published May 7, 2025
io.jmix.localfs:jmix-localfs has a Path Traversal in Local File Storage Moderate
CVE-2025-32950 was published for io.jmix.localfs:jmix-localfs (Maven) Apr 22, 2025
shadowsock5
Path Traversal: '.../...//' vulnerability in ThimPress Ivy School allows PHP Local File Inclusion... High Unreviewed
CVE-2025-39470 was published Apr 18, 2025
Overview   The product uses external input to construct a pathname that should be within a... Moderate Unreviewed
CVE-2025-24907 was published Apr 17, 2025
Overview   The product uses external input to construct a pathname that should be within a... Moderate Unreviewed
CVE-2025-24908 was published Apr 17, 2025
Path Traversal vulnerability in Quý Lê 91 Administrator Z allows Path Traversal. This issue... Moderate Unreviewed
CVE-2025-39598 was published Apr 16, 2025
Path Traversal vulnerability in NotFound WPJobBoard allows Path Traversal. This issue affects... Moderate Unreviewed
CVE-2025-30966 was published Apr 16, 2025
Path Traversal vulnerability in Trusty Plugins Shop Products Filter allows PHP Local File... High Unreviewed
CVE-2025-32585 was published Apr 11, 2025
SAP Capital Yield Tax Management has directory traversal vulnerability due to insufficient path... High Unreviewed
CVE-2025-30014 was published Apr 8, 2025
Path Traversal vulnerability in Bit Apps Bit Assist allows Path Traversal. This issue affects Bit... High Unreviewed
CVE-2025-30834 was published Apr 1, 2025
Path Traversal vulnerability in NotFound GetShop ecommerce allows Path Traversal. This issue... High Unreviewed
CVE-2024-54362 was published Mar 28, 2025
Path Traversal vulnerability in NotFound Pie Register Premium. This issue affects Pie Register... Moderate Unreviewed
CVE-2025-26940 was published Mar 16, 2025
Path Traversal vulnerability in NotFound GPX Viewer allows Path Traversal. This issue affects GPX... Moderate Unreviewed
CVE-2025-27274 was published Mar 3, 2025
Path Traversal vulnerability in NotFound WizShop allows PHP Local File Inclusion. This issue... High Unreviewed
CVE-2025-25122 was published Mar 3, 2025
Path Traversal vulnerability in wpjobportal WP Job Portal allows PHP Local File Inclusion. This... High Unreviewed
CVE-2025-26935 was published Feb 25, 2025
Path Traversal vulnerability in CodeManas Search with Typesense allows Path Traversal. This issue... Moderate Unreviewed
CVE-2025-26876 was published Feb 25, 2025
A CWE-35 "Path Traversal" in maxtime/api/database/database.lua (setActive endpoint) in Q-Free... High Unreviewed
CVE-2025-26356 was published Feb 12, 2025
A CWE-35 "Path Traversal" in maxtime/api/database/database.lua in Q-Free MaxTime less than or... Moderate Unreviewed
CVE-2025-26355 was published Feb 12, 2025
A CWE-35 "Path Traversal" in maxtime/api/database/database.lua in Q-Free MaxTime less than or... Moderate Unreviewed
CVE-2025-26357 was published Feb 12, 2025
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database