GitHub Advisory Database
Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.
GitHub reviewed advisories
Unreviewed advisories
Filter advisories
Filter advisories
GitHub reviewed advisories
All reviewed
5,000+
Composer
4,354
Erlang
31
GitHub Actions
22
Go
2,120
Maven
5,000+
npm
3,779
NuGet
681
pip
3,460
Pub
12
RubyGems
892
Rust
888
Swift
38
Unreviewed advisories
All unreviewed
5,000+
Unreviewed advisories have not been assessed by GitHub for quality and do not connect to the Dependabot service.
2,302 advisories
Filter by severity
Dell PowerProtect DD versions prior to DDOS 8.3.0.0, 7.10.1.50, and 7.13.1.20 contain a path...
High
Unreviewed
CVE-2024-51534
was published
Feb 1, 2025
Improper Limitation of a Pathname to a Restricted Directory (‘Path Traversal’) vulnerability in...
High
Unreviewed
CVE-2024-2224
was published
Apr 9, 2024
The Spring web flows of TIBCO Software Inc.'s TIBCO JasperReports Server, TIBCO JasperReports...
High
Unreviewed
CVE-2018-5430
was published
May 13, 2022
Vulnerability in the Oracle Business Intelligence Enterprise Edition product of Oracle Fusion...
High
Unreviewed
CVE-2020-14864
was published
May 24, 2022
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High
Unreviewed
CVE-2025-25155
was published
Feb 7, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High
Unreviewed
CVE-2025-25163
was published
Feb 7, 2025
An issue was discovered in Citrix Application Delivery Controller (ADC) and Gateway 10.5, 11.1,...
High
Unreviewed
CVE-2019-19781
was published
May 24, 2022
Directory Traversal vulnerability in Zrlog backup-sql-file.jar v.3.0.31 allows a remote attacker...
High
Unreviewed
CVE-2024-57669
was published
Feb 3, 2025
ChestnutCMS <=1.5.0 has a directory traversal vulnerability in contentcore.controller...
High
Unreviewed
CVE-2024-57451
was published
Feb 3, 2025
An issue found in the Copy and View functions in the File Manager component of OpenPanel v0.3.4...
High
Unreviewed
CVE-2024-53582
was published
Jan 31, 2025
An issue in OpenPanel v0.3.4 to v0.2.1 allows attackers to execute a directory traversal in File...
High
Unreviewed
CVE-2024-53537
was published
Jan 31, 2025
A low privileged remote attacker can specify an arbitrary file on the filesystem which may lead...
High
Unreviewed
CVE-2024-41973
was published
Nov 18, 2024
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High
Unreviewed
CVE-2025-23819
was published
Feb 3, 2025
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in...
High
Unreviewed
CVE-2025-24569
was published
Feb 3, 2025
SimpleHelp remote support software v5.5.7 and before allows admin users to upload arbitrary files...
High
Unreviewed
CVE-2024-57728
was published
Jan 16, 2025
An issue was discovered in the Hyundai Gen5W_L in-vehicle infotainment system AE_E_PE_EUR...
High
Unreviewed
CVE-2023-26243
was published
Apr 27, 2023
In JetBrains YouTrack before 2024.3.51866 system takeover was possible through path traversal in...
High
Unreviewed
CVE-2024-54154
was published
Dec 4, 2024
The WP Image Uploader plugin for WordPress is vulnerable to arbitrary file deletion due to...
High
Unreviewed
CVE-2024-13720
was published
Jan 30, 2025
The Music Sheet Viewer plugin for WordPress is vulnerable to Arbitrary File Read in all versions...
High
Unreviewed
CVE-2024-13671
was published
Jan 30, 2025
SAP NetWeaver (Visual Composer 7.0 RT) versions - 7.30, 7.31, 7.40, 7.50, without restriction, an...
High
Unreviewed
CVE-2021-38163
was published
May 24, 2022
Zimbra Collaboration (aka ZCS) 8.8.15 and 9.0 has mboximport functionality that receives a ZIP...
High
Unreviewed
CVE-2022-27925
was published
Apr 22, 2022
RARLAB UnRAR before 6.12 on Linux and UNIX allows directory traversal to write to files during an...
High
Unreviewed
CVE-2022-30333
was published
May 10, 2022
CMSimple 5.16 allows the user to read cms source code through manipulation of the file name in...
High
Unreviewed
CVE-2024-57549
was published
Jan 28, 2025
A vulnerability in the web interface of the Cisco Adaptive Security Appliance (ASA) could allow...
High
Unreviewed
CVE-2018-0296
was published
May 13, 2022
Local privilege escalation due to incorrect assignment of privileges of temporary files in the...
High
Unreviewed
CVE-2025-0542
was published
Jan 25, 2025
ProTip!
Advisories are also available from the
GraphQL API