Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,815
Erlang
36
GitHub Actions
32
Go
2,399
Maven
5,000+
npm
4,040
NuGet
723
pip
3,830
Pub
12
RubyGems
933
Rust
1,002
Swift
38
Unreviewed advisories
All unreviewed
5,000+

29 advisories

Loading
The BeeTeam368 Extensions plugin for WordPress is vulnerable to Directory Traversal in all... High Unreviewed
CVE-2025-6381 was published Jun 28, 2025
The Everest Forms (Pro) plugin for WordPress is vulnerable to arbitrary file deletion due to... High Unreviewed
CVE-2025-5927 was published Jun 26, 2025
The WP-DownloadManager plugin for WordPress is vulnerable to arbitrary file deletion due to lack... High Unreviewed
CVE-2025-4799 was published Jun 11, 2025
Dell Wyse Management Suite, versions prior to WMS 5.2, contain an Absolute Path Traversal... High Unreviewed
CVE-2025-36574 was published Jun 10, 2025
Stored Absolute Path Traversal vulnerabilities in ASPECT could expose sensitive data if... High Unreviewed
CVE-2024-13945 was published May 23, 2025
Port manipulation vulnerabilities in ASPECT provide attackers with the ability to con-trol TCP/IP... High Unreviewed
CVE-2025-2410 was published May 22, 2025
Absolute File Traversal vulnerabilities in ASPECT allows access and modification of unintended... High Unreviewed
CVE-2024-48850 was published May 22, 2025
AgentScope arbitrary file download vulnerability in rpc_agent_client High
CVE-2024-8501 was published for agentscope (pip) Mar 20, 2025
H2O Vulnerable to Arbitrary File Overwrite via File Export High
CVE-2024-6854 was published for ai.h2o:h2o-core (Maven) Mar 20, 2025
NAKIVO Backup & Replication before 11.0.0.88174 allows absolute path traversal for reading files... High Unreviewed
CVE-2024-48248 was published Mar 4, 2025
The topm-client from Chunghwa Telecom has an Arbitrary File Delete vulnerability. The application... High Unreviewed
CVE-2024-12646 was published Dec 16, 2024
The tbm-client from Chunghwa Telecom has an Arbitrary File Delete vulnerability. The application... High Unreviewed
CVE-2024-12643 was published Dec 16, 2024
The tbm-client from Chunghwa Telecom has an Arbitrary File vulnerability. The application sets up... High Unreviewed
CVE-2024-12644 was published Dec 16, 2024
DreamMaker from Interinfo has a Path Traversal vulnerability, allowing unauthenticated remote... High Unreviewed
CVE-2024-11978 was published Nov 29, 2024
PhpSpreadsheet allows absolute path traversal and Server-Side Request Forgery when opening XLSX file High
CVE-2024-45290 was published for phpoffice/phpexcel (Composer) Oct 7, 2024
emilvirkki
Franklin Fueling Systems TS-550 EVO versions prior to 2.26.4.8967 possess a file that can be read... High Unreviewed
CVE-2024-8497 was published Sep 25, 2024
An issue was discovered in Italtel i-MCS NFV 12.1.0-20211215. Remote unauthenticated attackers... High Unreviewed
CVE-2024-28806 was published Jul 29, 2024
An absolute path traversal vulnerability exists in parisneo/lollms-webui v9.6, specifically in... High Unreviewed
CVE-2024-6250 was published Jun 27, 2024
Absolute path traversal vulnerability exists in ID Link Manager and FUJITSU Software TIME CREATOR... High Unreviewed
CVE-2024-33620 was published Jun 18, 2024
LoLLMS Path Traversal vulnerability High
CVE-2024-4881 was published for lollms (pip) Jun 6, 2024
A path traversal vulnerability exists in the parisneo/lollms-webui application, specifically... High Unreviewed
CVE-2024-2548 was published Jun 6, 2024
Microsoft Defender for IoT Remote Code Execution Vulnerability High Unreviewed
CVE-2024-29053 was published Apr 9, 2024
Microsoft Defender for IoT Remote Code Execution Vulnerability High Unreviewed
CVE-2024-21323 was published Apr 9, 2024
Iagona ScrutisWeb versions 2.1.37 and prior are vulnerable to a directory traversal vulnerability... High Unreviewed
CVE-2023-33871 was published Jul 18, 2023
A vulnerability in the web-based management interface of Cisco BroadWorks CommPilot application... High Unreviewed
CVE-2022-20958 was published Nov 4, 2022
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database